Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
APIs
APIs
Abstract
Chapter 1. APIs
You can access APIs to create and manage application resources, channels, subscriptions, and to query information.
User required access: You can only perform actions that your role is assigned. Learn about access requirements from the Role-based access control documentation.
You can also access all APIs from the integrated console. From the local-cluster
view, navigate to Home > API Explorer to explore API groups.
For more information, review the API documentation for each of the following resources:
- Clusters API
- ClusterInstance API
- ClusterSets API (v1beta2)
- ClusterSetBindings API (v1beta2)
- Channels API
- Subscriptions API
- PlacementRules API (deprecated)
- Applications API
- Helm API
- Policy API
- Observability API
- Search query API
- MultiClusterHub API
- Placements API (v1beta1)
- PlacementDecisions API (v1beta1)
- DiscoveryConfig API
- DiscoveredCluster API
- AddOnDeploymentConfig API (v1alpha1)
- ClusterManagementAddOn API (v1alpha1)
- ManagedClusterAddOn API (v1alpha1)
- ManagedClusterSet API
- KlusterletConfig API (v1alpha1)
- Policy compliance API (Technology Preview)
1.1. Clusters API
1.1.1. Overview
This documentation is for the cluster resource for Red Hat Advanced Cluster Management for Kubernetes. Cluster resource has four possible requests: create, query, delete and update. ManagedCluster
represents the desired state and current status of a managed cluster. ManagedCluster
is a cluster-scoped resource.
1.1.1.1. Version information
Version : 2.12.0
1.1.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.1.1.3. Tags
- cluster.open-cluster-management.io : Create and manage clusters
1.1.2. Paths
1.1.2.1. Query all clusters
GET /cluster.open-cluster-management.io/v1/managedclusters
1.1.2.1.1. Description
Query your clusters for more details.
1.1.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.1.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.1.2.1.4. Consumes
-
cluster/yaml
1.1.2.1.5. Tags
- cluster.open-cluster-management.io
1.1.2.2. Create a cluster
POST /cluster.open-cluster-management.io/v1/managedclusters
1.1.2.2.1. Description
Create a cluster
1.1.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the cluster to be created. |
1.1.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.1.2.2.4. Consumes
-
cluster/yaml
1.1.2.2.5. Tags
- cluster.open-cluster-management.io
1.1.2.2.6. Example HTTP request
1.1.2.2.6.1. Request body
{ "apiVersion" : "cluster.open-cluster-management.io/v1", "kind" : "ManagedCluster", "metadata" : { "labels" : { "vendor" : "OpenShift" }, "name" : "cluster1" }, "spec": { "hubAcceptsClient": true, "managedClusterClientConfigs": [ { "caBundle": "test", "url": "https://test.com" } ] }, "status" : { } }
1.1.2.3. Query a single cluster
GET /cluster.open-cluster-management.io/v1/managedclusters/{cluster_name}
1.1.2.3.1. Description
Query a single cluster for more details.
1.1.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
cluster_name | Name of the cluster that you want to query. | string |
1.1.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.1.2.3.4. Tags
- cluster.open-cluster-management.io
1.1.2.4. Delete a cluster
DELETE /cluster.open-cluster-management.io/v1/managedclusters/{cluster_name}
DELETE /hive.openshift.io/v1/{cluster_name}/clusterdeployments/{cluster_name}
1.1.2.4.1. Description
Delete a single cluster
1.1.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
cluster_name | Name of the cluster that you want to delete. | string |
1.1.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.1.2.4.4. Tags
- cluster.open-cluster-management.io
1.1.3. Definitions
1.1.3.1. Cluster
Name | Description | Schema |
---|---|---|
apiVersion |
The versioned schema of the | string |
kind | String value that represents the REST resource. | string |
metadata |
The metadata of the | object |
spec |
The specification of the |
spec
Name | Description | Schema |
---|---|---|
hubAcceptsClient |
Specifies whether the hub can establish a connection with the klusterlet agent on the managed cluster. The default value is | bool |
managedClusterClientConfigs | Lists the apiserver addresses of the managed cluster. | |
leaseDurationSeconds | Specifies the lease update time interval of the klusterlet agents on the managed cluster. By default, the klusterlet agent updates its lease every 60 seconds. | integer (int32) |
taints | Prevents a managed cluster from being assigned to one or more managed cluster sets during scheduling. | taint array |
managedClusterClientConfigs
Name | Description | Schema |
---|---|---|
URL | string | |
CABundle | Pattern : "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$" | string (byte) |
taint
Name | Description | Schema |
---|---|---|
key | The taint key that is applied to a cluster. | string |
value | The taint value that corresponds to the taint key. | string |
effect |
Effect of the taint on placements that do not tolerate the taint. Valid values are | string |
1.2. ClusterInstance API
1.2.1. Overview
This documentation is for the ClusterInstance resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterInstance resource has four possible requests: create, query, delete and update.
1.2.1.1. Version information
Version : 2.12.0
1.2.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.2.1.3. Tags
- siteconfig.open-cluster-management.io : Create and manage clusters
1.2.2. Paths
1.2.2.1. Query all clusters
GET /siteconfig.open-cluster-management.io/v1alpha1/{clusterinstance_namespace}/{clusterinstance_name}
1.2.2.1.1. Description
Query your clusters for more details.
1.2.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterinstance_namespace | The namespace of the ClusterInstance that you want to query. | string |
Path |
clusterinstance_name | The name of the ClusterInstance that you want to query. | string |
1.2.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.2.2.1.4. Consumes
-
clusterinstance/json
1.2.2.1.5. Tags
- siteconfig.open-cluster-management.io
1.2.2.2. Create installation manifests
POST /siteconfig.open-cluster-management.io/v1alpha1/<clusterinstance_namespace>/<clusterinstance_name>
1.2.2.2.1. Description
Create installation manifests with the SiteConfig operator for your choice of installation method.
1.2.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the installation manifests to be created. | |
Path |
clusterinstance_namespace | The namespace of the ClusterInstance that you want to use. | string |
Path |
clusterinstance_name | The name of the ClusterInstance that you want to use. | string |
1.2.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.2.2.2.4. Consumes
-
clusterinstance/json
1.2.2.2.5. Tags
- siteconfig.open-cluster-management.io
1.2.2.2.6. Example HTTP request
1.2.2.2.6.1. Request body
{ "apiVersion": "siteconfig.open-cluster-management.io/v1alpha1", "kind": "ClusterInstance", "metadata": { "name": "site-sno-du-1", "namespace": "site-sno-du-1" }, "spec": { "baseDomain": "example.com", "pullSecretRef": { "name": "pullSecretName" }, "sshPublicKey": "ssh-rsa ", "clusterName": "site-sno-du-1", "proxy": { "noProxys": "foobar" }, "caBundleRef": { "name": "my-bundle-ref" }, "extraManifestsRefs": [ { "name": "foobar1" }, { "name": "foobar2" } ], "networkType": "OVNKubernetes", "installConfigOverrides": "{\"capabilities\":{\"baselineCapabilitySet\": \"None\", \"additionalEnabledCapabilities\": [ \"marketplace\", \"NodeTuning\" ] }}", "extraLabels": { "ManagedCluster": { "group-du-sno": "test", "common": "true", "sites": "site-sno-du-1" } }, "clusterNetwork": [ { "cidr": "203.0.113.0/24", "hostPrefix": 23 } ], "machineNetwork": [ { "cidr": "203.0.113.0/24" } ], "serviceNetwork": [ { "cidr": "203.0.113.0/24" } ], "additionalNTPSources": [ "NTP.server1", "198.51.100.100" ], "ignitionConfigOverride": "{\"ignition\": {\"version\": \"3.1.0\"}, \"storage\": {\"files\": [{\"path\": \"/etc/containers/registries.conf\", \"overwrite\": true, \"contents\": {\"source\": \"data:text/plain;base64,foobar==\"}}]}}", "diskEncryption": { "type": "nbde", "tang": [ { "url": "http://192.0.2.5:7500", "thumbprint": "1234567890" } ] }, "clusterType": "SNO", "templateRefs": [ { "name": "ai-cluster-templates-v1", "namespace": "rhacm" } ], "nodes": [ { "hostName": "node1", "role": "master", "templateRefs": [ { "name": "ai-node-templates-v1", "namespace": "rhacm" } ], "ironicInspect": "", "bmcAddress": "idrac-virtualmedia+https://203.0.113.100/redfish/v1/Systems/System.Embedded.1", "bmcCredentialsName": { "name": "<bmcCredentials_secre_name>" }, "bootMACAddress": "00:00:5E:00:53:00", "bootMode": "UEFI", "installerArgs": "[\"--append-karg\", \"nameserver=8.8.8.8\", \"-n\"]", "ignitionConfigOverride": "{\"ignition\": {\"version\": \"3.1.0\"}, \"storage\": {\"files\": [{\"path\": \"/etc/containers/registries.conf\", \"overwrite\": true, \"contents\": {\"source\": \"data:text/plain;base64,foobar==\"}}]}}", "nodeNetwork": { "interfaces": [ { "name": "eno1", "macAddress": "00:00:5E:00:53:01" } ], "config": { "interfaces": [ { "name": "eno1", "type": "ethernet", "ipv4": { "enabled": true, "dhcp": false, "address": [ { "ip": "192.0.2.1", "prefix-length": 24 } ] }, "ipv6": { "enabled": true, "dhcp": false, "address": [ { "ip": "2001:0DB8:0:0:0:0:0:1", "prefix-length": 32 } ] } } ], "dns-resolver": { "config": { "server": [ "198.51.100.1" ] } }, "routes": { "config": [ { "destination": "0.0.0.0/0", "next-hop-address": "203.0.113.255", "next-hop-interface": "eno1", "table-id": 254 } ] } } } } ] } }
1.2.2.3. Query a single cluster
GET /siteconfig.open-cluster-management.io/v1alpha1/<clusterinstance_namespace>/<clusterinstance_name>
1.2.2.3.1. Description
Query a single cluster for more details.
1.2.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterinstance_namespace | The namespace of the ClusterInstance that you want to query. | string |
Path |
clusterinstance_name | The name of the ClusterInstance that you want to query. | string |
1.2.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.2.2.3.4. Tags
- siteconfig.open-cluster-management.io
1.2.3. Definitions
1.2.3.1. ClusterInstance
Important: Certain fields are only relevant to a specific installation flow. Verify which fields are applicable to your choice of installation method by checking the relevant documentation. For Assisted Installer and Image Based Install, see the following documentation:
Name | Description | Schema |
---|---|---|
apiVersion |
The versioned schema of the | string |
kind | String value that represents the REST resource. | string |
metadata |
The metadata of the | object |
spec |
The specification of the | |
status |
The status of the | status object |
spec
Name | Description | Schema |
---|---|---|
additionalNTPSources | Specify the NTP sources that needs to be added to all cluster hosts. They are added to any NTP sources that were configured through other means. | array |
baseDomain | Specify the base domain used for the deployed cluster. | string |
caBundleRef |
Reference the | string |
clusterName | Specify the name of the cluster. | string |
clusterNetwork | Specify the list of the IP address pools for pods. | array |
clusterType | Specify the cluster type. The following values are supported:
| string |
cpuPartitioningMode |
Determine clusters to be set up for CPU workload partitioning at install time. Configure workload partitioning by setting the value for | string |
diskEncryption | Enable or disable disk encryption for the cluster. | object |
extraAnnotations |
Specify additional cluster-level annotations to be applied to the rendered templates by using the following format: extraAnnotations: ClusterDeployment: myClusterAnnotation: success | object |
extraLabels |
Specify additional cluster-level labels to be applied to the rendered templates by using the following format: extraLabels: ManagedCluster: common: "true" label-a : "value-a" | object |
extraManifestsRefs |
Specify the list of the | array |
holdInstallation |
Set to | bool |
ignitionConfigOverride |
Specify the user overrides for the initial Ignition configuration. | string |
installConfigOverrides | Define install configuration parameters. | string |
machineNetwork | Specify the list of the IP address pools for machines. | array |
networkType |
Specify the Container Network Interface (CNI) plugin to install. The default value is | string |
platformType | Define the name of the specific platform on which you want to install. The following values are supported:
| string |
proxy | Define the proxy settings used for the install configuration of the cluster. | object |
pruneManifests |
Define a list of cluster-level manifests to remove by specifying their | array |
pullSecretRef |
Configure the | object |
serviceNetwork | Specify the list of the IP address pools for services. | array |
sshPublicKey | Specify the public Secure Shell (SSH) key to provide access to instances. This key is added to the host to allow SSH access. | string |
nodes | Specify the configuration parameters for each node. | nodes array |
templateRefs |
Specify the list of the references to cluster-level templates. A cluster-level template consists of a | array |
nodes
Name | Description | Schema |
---|---|---|
automatedCleaningMode |
Set the value to | string |
bmcAddress | BMC address that you use to access the host. Applies to all cluster types. For more information about BMC addressing, see BMC addressing in Additional resources. Note: In far edge Telco use cases, only virtual media is supported for use with GitOps ZTP. | string |
bmcCredentialsName |
Configure the | string |
bootMACAddress |
Specify the MAC address that PXE boots. It is required for | string |
bootMode |
Set the boot mode for the host to
| string |
extraAnnotations |
Specify additional node-level annotations to be applied to the rendered templates by using the following format: extraAnnotations: BareMetalHost: myNodeAnnotation: success | object |
extraLabels |
Specify additional node-level labels to be applied to the rendered templates. extraLabels: ManagedCluster: common: "true" label-a : "value-a" | object |
hostName | Define the host name. | string |
installerArgs | Specify the user overrides for the host’s :op-system-first: installer arguments. | string |
ignitionConfigOverride | Specify the user overrides for the initial Ignition configuration. Use this field to assign partitions for persistent storage. Adjust disk ID and size to the specific hardware. | string |
ironicInspect | Specify if automatic introspection runs during registration of the bare metal host. | string |
nodeLabels | Specify custom node labels for your nodes in your managed clusters. These are additional labels that are not used by any Red Hat Advanced Cluster Management components, only by the user. When you add a custom node label, it can be associated with a custom machine config pool that references a specific configuration for that label. Adding custom node labels during installation makes the deployment process more effective and prevents the need for additional reboots after the installation is complete.
Note: When used in the | object |
nodeNetwork | Configure the network settings for nodes that have static networks. | object |
pruneManifests |
Define a list of node-level manifests to remove by specifying their | array |
role |
Configure the role of the node, such as | string |
rootDeviceHints |
Specify the device for deployment. Identifiers that are stable across reboots are recommended. For example, | object |
templateRefs |
Specify the list of the references to node-level templates. A node-level template consists of a | array |
status
Name | Description | Schema |
---|---|---|
conditions |
Lists the conditions that pertain to actions performed on the | conditions array |
deploymentConditions |
Lists the hive status conditions that are associated with the | deploymentConditions array |
manifestsRendered | Lists the manifests that have been rendered and their statuses. | array |
observedGeneration |
Tracks the observed generation of the | integer |
conditions
Type | Description |
---|---|
ClusterInstanceValidated |
Indicates that the SiteConfig operator validated the |
RenderedTemplates | Indicates that SiteConfig operator successfully validated the referenced Golang cluster templates. |
RenderedTemplatesValidated | Indicates that the SiteConfig operator rendered the installation manifests and the dry run was successful. |
RenderedTemplatesApplied | Indicates that the SiteConfig operator created the installation manifests and the underlying Operators consumed them. |
Provisioned | Indicates that the underlying Operators are provisioning the clusters. |
deploymentConditions
Type | Description |
---|---|
ClusterInstallRequirementsMet | Indicates that the installation can start. |
ClusterInstallCompleted | Indicates that the cluster installation was successful. |
ClusterInstallFailed | Indicates that the cluster installation failed. |
ClusterInstallStopped | Indicates that the cluster installation stopped. |
Additional resources
1.3. Clustersets API (v1beta2)
1.3.1. Overview
This documentation is for the ClusterSet resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterSet resource has four possible requests: create, query, delete, and update. The ManagedClusterSet defines a group of ManagedClusters. You can assign a ManagedCluster to a specific ManagedClusterSet by adding a label with the name cluster.open-cluster-management.io/clusterset
on the ManagedCluster that refers to the ManagedClusterSet. You can only add or remove this label on a ManagedCluster when you have an RBAC rule that allows the create
permissions on a virtual subresource of managedclustersets/join
. You must have this permission on both the source and the target ManagedClusterSets to update this label.
1.3.1.1. Version information
Version : 2.12.0
1.3.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.3.1.3. Tags
- cluster.open-cluster-management.io : Create and manage Clustersets
1.3.2. Paths
1.3.2.1. Query all clustersets
GET /cluster.open-cluster-management.io/v1beta2/managedclustersets
1.3.2.1.1. Description
Query your Clustersets for more details.
1.3.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.3.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.3.2.1.4. Consumes
-
clusterset/yaml
1.3.2.1.5. Tags
- cluster.open-cluster-management.io
1.3.2.2. Create a clusterset
POST /cluster.open-cluster-management.io/v1beta2/managedclustersets
1.3.2.2.1. Description
Create a Clusterset.
1.3.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the clusterset to be created. |
1.3.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.3.2.2.4. Consumes
-
clusterset/yaml
1.3.2.2.5. Tags
- cluster.open-cluster-management.io
1.3.2.2.6. Example HTTP request
1.3.2.2.6.1. Request body
{ "apiVersion": "cluster.open-cluster-management.io/v1beta2", "kind": "ManagedClusterSet", "metadata": { "name": "clusterset1" }, "spec": { "clusterSelector": { "selectorType": "ExclusiveClusterSetLabel" } }, "status": {} }
1.3.2.3. Query a single clusterset
GET /cluster.open-cluster-management.io/v1beta2/managedclustersets/{clusterset_name}
1.3.2.3.1. Description
Query a single clusterset for more details.
1.3.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterset_name | Name of the clusterset that you want to query. | string |
1.3.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.3.2.3.4. Tags
- cluster.open-cluster-management.io
1.3.2.4. Delete a clusterset
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersets/{clusterset_name}
1.3.2.4.1. Description
Delete a single clusterset.
1.3.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterset_name | Name of the clusterset that you want to delete. | string |
1.3.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.3.2.4.4. Tags
- cluster.open-cluster-management.io
1.3.3. Definitions
1.3.3.1. Clusterset
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | object |
1.4. Clustersetbindings API (v1beta2)
1.4.1. Overview
This documentation is for the ClusterSetBinding resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterSetBinding resource has four possible requests: create, query, delete, and update. ManagedClusterSetBinding projects a ManagedClusterSet into a certain namespace. You can create a ManagedClusterSetBinding in a namespace and bind it to a ManagedClusterSet if you have an RBAC rule that allows you to create
on the virtual subresource of managedclustersets/bind
.
1.4.1.1. Version information
Version : 2.12.0
1.4.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.4.1.3. Tags
- cluster.open-cluster-management.io : Create and manage clustersetbindings
1.4.2. Paths
1.4.2.1. Query all clustersetbindings
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings
1.4.2.1.1. Description
Query your clustersetbindings for more details.
1.4.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.4.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.4.2.1.4. Consumes
-
clustersetbinding/yaml
1.4.2.1.5. Tags
- cluster.open-cluster-management.io
1.4.2.2. Create a clustersetbinding
POST /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings
1.4.2.2.1. Description
Create a clustersetbinding.
1.4.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Body |
body | Parameters describing the clustersetbinding to be created. |
1.4.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.4.2.2.4. Consumes
-
clustersetbinding/yaml
1.4.2.2.5. Tags
- cluster.open-cluster-management.io
1.4.2.2.6. Example HTTP request
1.4.2.2.6.1. Request body
{ "apiVersion" : "cluster.open-cluster-management.io/v1beta2", "kind" : "ManagedClusterSetBinding", "metadata" : { "name" : "clusterset1", "namespace" : "ns1" }, "spec": { "clusterSet": "clusterset1" }, "status" : { } }
1.4.2.3. Query a single clustersetbinding
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings/{clustersetbinding_name}
1.4.2.3.1. Description
Query a single clustersetbinding for more details.
1.4.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Path |
clustersetbinding_name | Name of the clustersetbinding that you want to query. | string |
1.4.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.4.2.3.4. Tags
- cluster.open-cluster-management.io
1.4.2.4. Delete a clustersetbinding
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersetbindings/{clustersetbinding_name}
1.4.2.4.1. Description
Delete a single clustersetbinding.
1.4.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Path |
clustersetbinding_name | Name of the clustersetbinding that you want to delete. | string |
1.4.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.4.2.4.4. Tags
- cluster.open-cluster-management.io
1.4.3. Definitions
1.4.3.1. Clustersetbinding
Name | Description | Schema |
---|---|---|
apiVersion |
Versioned schema of the | string |
kind | String value that represents the REST resource. | string |
metadata |
Metadata of the | object |
spec |
Specification of the |
spec
Name | Description | Schema |
---|---|---|
clusterSet |
Name of the | string |
1.5. Clusterview API (v1alpha1)
1.5.1. Overview
This documentation is for the clusterview
resource for Red Hat Advanced Cluster Management for Kubernetes. The clusterview
resource provides a CLI command that enables you to view a list of the managed clusters and managed cluster sets that that you can access. The three possible requests are: list, get, and watch.
1.5.1.1. Version information
Version : 2.12.0
1.5.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.5.1.3. Tags
- clusterview.open-cluster-management.io : View a list of managed clusters that your ID can access.
1.5.2. Paths
1.5.2.1. Get managed clusters
GET /managedclusters.clusterview.open-cluster-management.io
1.5.2.1.1. Description
View a list of the managed clusters that you can access.
1.5.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.5.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.5.2.1.4. Consumes
-
managedcluster/yaml
1.5.2.1.5. Tags
- clusterview.open-cluster-management.io
1.5.2.2. List managed clusters
LIST /managedclusters.clusterview.open-cluster-management.io
1.5.2.2.1. Description
View a list of the managed clusters that you can access.
1.5.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Name of the user ID for which you want to list the managed clusters. | string |
1.5.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.5.2.2.4. Consumes
-
managedcluster/yaml
1.5.2.2.5. Tags
- clusterview.open-cluster-management.io
1.5.2.2.6. Example HTTP request
1.5.2.2.6.1. Request body
{ "apiVersion" : "clusterview.open-cluster-management.io/v1alpha1", "kind" : "ClusterView", "metadata" : { "name" : "<user_ID>" }, "spec": { }, "status" : { } }
1.5.2.3. Watch the managed cluster sets
WATCH /managedclusters.clusterview.open-cluster-management.io
1.5.2.3.1. Description
Watch the managed clusters that you can access.
1.5.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterview_name | Name of the user ID that you want to watch. | string |
1.5.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.5.2.4. List the managed cluster sets.
GET /managedclustersets.clusterview.open-cluster-management.io
1.5.2.4.1. Description
List the managed clusters that you can access.
1.5.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterview_name | Name of the user ID that you want to watch. | string |
1.5.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.5.2.5. List the managed cluster sets.
LIST /managedclustersets.clusterview.open-cluster-management.io
1.5.2.5.1. Description
List the managed clusters that you can access.
1.5.2.5.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterview_name | Name of the user ID that you want to watch. | string |
1.5.2.5.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.5.2.6. Watch the managed cluster sets.
WATCH /managedclustersets.clusterview.open-cluster-management.io
1.5.2.6.1. Description
Watch the managed clusters that you can access.
1.5.2.6.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clusterview_name | Name of the user ID that you want to watch. | string |
1.5.2.6.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.6. Channels API
1.6.1. Overview
This documentation is for the Channel resource for Red Hat Advanced Cluster Management for Kubernetes. The Channel resource has four possible requests: create, query, delete and update.
1.6.1.1. Version information
Version : 2.12.0
1.6.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.6.1.3. Tags
- channels.apps.open-cluster-management.io : Create and manage deployables
1.6.2. Paths
1.6.2.1. Create a channel
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels
1.6.2.1.1. Description
Create a channel.
1.6.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the deployable to be created. |
1.6.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.6.2.1.4. Consumes
-
application/yaml
1.6.2.1.5. Tags
- channels.apps.open-cluster-management.io
1.6.2.1.6. Example HTTP request
1.6.2.1.6.1. Request body
{ "apiVersion": "apps.open-cluster-management.io/v1", "kind": "Channel", "metadata": { "name": "sample-channel", "namespace": "default" }, "spec": { "configMapRef": { "kind": "configmap", "name": "bookinfo-resource-filter-configmap" }, "pathname": "https://charts.helm.sh/stable", "type": "HelmRepo" } }
1.6.2.2. Query all channels for the target namespace
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels
1.6.2.2.1. Description
Query your channels for more details.
1.6.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.6.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.6.2.2.4. Consumes
-
application/yaml
1.6.2.2.5. Tags
- channels.apps.open-cluster-management.io
1.6.2.3. Query a single channels of a namespace
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels/{channel_name}
1.6.2.3.1. Description
Query a single channels for more details.
1.6.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
channel_name | Name of the deployable that you wan to query. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.6.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.6.2.3.4. Tags
- channels.apps.open-cluster-management.io
1.6.2.4. Delete a Channel
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels/{channel_name}
1.6.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
channel_name | Name of the Channel that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.6.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.6.2.4.3. Tags
- channels.apps.open-cluster-management.io
1.6.3. Definitions
1.6.3.1. Channel
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | object |
spec |
spec
Name | Description | Schema |
---|---|---|
configMapRef | ObjectReference contains enough information to let you inspect or modify the referred object. | |
gates | ChannelGate defines criteria for promote to channel | |
pathname | string | |
secretRef | ObjectReference contains enough information to let you inspect or modify the referred object. | |
sourceNamespaces | enum (Namespace, HelmRepo, ObjectBucket, Git, namespace, helmrepo, objectbucket, github) array |
configMapRef
Name | Description | Schema |
---|---|---|
apiVersion | API version of the referent. | string |
fieldPath | If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. | string |
kind | Kind of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/ |
name |
Name of the referent. More info: Names | string |
namespace |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ | string |
resourceVersion |
Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency | string |
uid |
gates
Name | Description | Schema |
---|---|---|
annotations | typical annotations of k8s | |
labelSelector | A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. | |
name | string |
annotations
Name | Schema |
---|---|
key | string |
value | string |
labelSelector
Name | Description | Schema |
---|---|---|
matchExpressions | matchExpressions is a list of label selector requirements. The requirements are ANDed. | matchExpressions array |
matchLabels | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. | string, string map |
matchExpressions
Name | Description | Schema |
---|---|---|
key | key is the label key that the selector applies to. | string |
operator | operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. | string |
values | values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. | string array |
secretRef
Name | Description | Schema |
---|---|---|
apiVersion | API version of the referent. | string |
fieldPath | If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future. | string |
kind | Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | string |
name | Name of the referent. More info: Names | string |
namespace | Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ | string |
resourceVersion | Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency | string |
uid | UID of the referent. More info: UIIDs | string |
1.7. Subscriptions API
1.7.1. Overview
This documentation is for the Subscription resource for Red Hat Advanced Cluster Management for Kubernetes. The Subscription resource has four possible requests: create, query, delete and update. Deprecated: PlacementRule
1.7.1.1. Version information
Version : 2.12.0
1.7.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.7.1.3. Tags
- subscriptions.apps.open-cluster-management.io : Create and manage subscriptions
1.7.2. Paths
1.7.2.1. Create a subscription
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions
1.7.2.1.1. Description
Create a subscription.
1.7.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the subscription to be created. |
1.7.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.7.2.1.4. Consumes
-
subscription/yaml
1.7.2.1.5. Tags
- subscriptions.apps.open-cluster-management.io
1.7.2.1.6. Example HTTP request
1.7.2.1.6.1. Request body
{ "apiVersion" : "apps.open-cluster-management.io/v1", "kind" : "Subscription", "metadata" : { "name" : "sample_subscription", "namespace" : "default", "labels" : { "app" : "sample_subscription-app" }, "annotations" : { "apps.open-cluster-management.io/git-path" : "apps/sample/", "apps.open-cluster-management.io/git-branch" : "sample_branch" } }, "spec" : { "channel" : "channel_namespace/sample_channel", "packageOverrides" : [ { "packageName" : "my-sample-application", "packageAlias" : "the-sample-app", "packageOverrides" : [ { "path" : "spec", "value" : { "persistence" : { "enabled" : false, "useDynamicProvisioning" : false }, "license" : "accept", "tls" : { "hostname" : "my-mcm-cluster.icp" }, "sso" : { "registrationImage" : { "pullSecret" : "hub-repo-docker-secret" } } } } ] } ], "placement" : { "placementRef" : { "kind" : "PlacementRule", "name" : "demo-clusters" } } } }
1.7.2.2. Query all subscriptions
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions
1.7.2.2.1. Description
Query your subscriptions for more details.
1.7.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.7.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.7.2.2.4. Consumes
-
subscription/yaml
1.7.2.2.5. Tags
- subscriptions.apps.open-cluster-management.io
1.7.2.3. Query a single subscription
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions/{subscription_name}
1.7.2.3.1. Description
Query a single subscription for more details.
1.7.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Path |
subscription_name | Name of the subscription that you wan to query. | string |
1.7.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.7.2.3.4. Tags
- subscriptions.apps.open-cluster-management.io
1.7.2.4. Delete a subscription
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions/{subscription_name}
1.7.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Path |
subscription_name | Name of the subscription that you want to delete. | string |
1.7.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.7.2.4.3. Tags
- subscriptions.apps.open-cluster-management.io
1.7.3. Definitions
1.7.3.1. Subscription
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | |
spec | |
status |
metadata
Name | Schema |
---|---|
annotations | object |
labels | object |
name | string |
namespace | string |
spec
Name | Schema |
---|---|
channel | string |
name | string |
overrides | overrides array |
packageFilter | |
packageOverrides | packageOverrides array |
placement | |
timewindow |
overrides
Name | Schema |
---|---|
clusterName | string |
clusterOverrides | object array |
packageFilter
Name | Description | Schema |
---|---|---|
annotations | string, string map | |
filterRef | ||
labelSelector | ||
version |
Pattern : | string |
filterRef
Name | Schema |
---|---|
name | string |
labelSelector
Name | Schema |
---|---|
matchExpressions | matchExpressions array |
matchLabels | string, string map |
matchExpressions
Name | Schema |
---|---|
key | string |
operator | string |
values | string array |
packageOverrides
Name | Schema |
---|---|
packageAlias | string |
packageName | string |
packageOverrides | object array |
placement
Name | Schema |
---|---|
clusterSelector | |
clusters | clusters array |
local | boolean |
placementRef |
clusterSelector
Name | Schema |
---|---|
matchExpressions | matchExpressions array |
matchLabels | string, string map |
matchExpressions
Name | Schema |
---|---|
key | string |
operator | string |
values | string array |
clusters
Name | Schema |
---|---|
name | string |
placementRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
timewindow
Name | Schema |
---|---|
daysofweek | string array |
hours | hours array |
location | string |
windowtype | enum (active, blocked, Active, Blocked) |
hours
Name | Schema |
---|---|
end | string |
start | string |
status
Name | Schema |
---|---|
lastUpdateTime | string (date-time) |
message | string |
phase | string |
reason | string |
statuses | object |
1.8. PlacementRules API (deprecated)
1.8.1. Overview
This documentation is for the PlacementRule resource for Red Hat Advanced Cluster Management for Kubernetes. The PlacementRule resource has four possible requests: create, query, delete and update.
1.8.1.1. Version information
Version : 2.12.0
1.8.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.8.1.3. Tags
- placementrules.apps.open-cluster-management.io : Create and manage placement rules
1.8.2. Paths
1.8.2.1. Create a placement rule
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules
1.8.2.1.1. Description
Create a placement rule.
1.8.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the placement rule to be created. |
1.8.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.8.2.1.4. Consumes
-
application/yaml
1.8.2.1.5. Tags
- placementrules.apps.open-cluster-management.io
1.8.2.1.6. Example HTTP request
1.8.2.1.6.1. Request body
{ "apiVersion" : "apps.open-cluster-management.io/v1", "kind" : "PlacementRule", "metadata" : { "name" : "towhichcluster", "namespace" : "ns-sub-1" }, "spec" : { "clusterConditions" : [ { "type": "ManagedClusterConditionAvailable", "status": "True" } ], "clusterSelector" : { } } }
1.8.2.2. Query all placement rules
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules
1.8.2.2.1. Description
Query your placement rules for more details.
1.8.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.8.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.8.2.2.4. Consumes
-
application/yaml
1.8.2.2.5. Tags
- placementrules.apps.open-cluster-management.io
1.8.2.3. Query a single placementrule
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules/{placementrule_name}
1.8.2.3.1. Description
Query a single placement rule for more details.
1.8.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Path |
placementrule_name | Name of the placementrule that you want to query. | string |
1.8.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.8.2.3.4. Tags
- placementrules.apps.open-cluster-management.io
1.8.2.4. Delete a placementrule
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules/{placementrule_name}
1.8.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Path |
placementrule_name | Name of the placementrule that you want to delete. | string |
1.8.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.8.2.4.3. Tags
- placementrules.apps.open-cluster-management.io
1.8.3. Definitions
1.8.3.1. Placementrule
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | object |
spec |
spec
Name | Schema |
---|---|
clusterConditions | clusterConditions array |
clusterReplicas | integer |
clusterSelector | |
clusters | clusters array |
policies | policies array |
resourceHint | |
schedulerName | string |
clusterConditions
Name | Schema |
---|---|
status | string |
type | string |
clusterSelector
Name | Schema |
---|---|
matchExpressions | matchExpressions array |
matchLabels | string, string map |
matchExpressions
Name | Schema |
---|---|
key | string |
operator | string |
values | string array |
clusters
Name | Schema |
---|---|
name | string |
policies
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
resourceHint
Name | Schema |
---|---|
order | string |
type | string |
1.9. Applications API
1.9.1. Overview
This documentation is for the Application resource for Red Hat Advanced Cluster Management for Kubernetes. Application resource has four possible requests: create, query, delete and update.
1.9.1.1. Version information
Version : 2.12.0
1.9.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.9.1.3. Tags
- applications.app.k8s.io : Create and manage applications
1.9.2. Paths
1.9.2.1. Create a application
POST /app.k8s.io/v1beta1/namespaces/{namespace}/applications
1.9.2.1.1. Description
Create a application.
1.9.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the application to be created. |
1.9.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.9.2.1.4. Consumes
-
application/yaml
1.9.2.1.5. Tags
- applications.app.k8s.io
1.9.2.1.6. Example HTTP request
1.9.2.1.6.1. Request body
{ "apiVersion" : "app.k8s.io/v1beta1", "kind" : "Application", "metadata" : { "labels" : { "app" : "nginx-app-details" }, "name" : "nginx-app-3", "namespace" : "ns-sub-1" }, "spec" : { "componentKinds" : [ { "group" : "apps.open-cluster-management.io", "kind" : "Subscription" } ] }, "selector" : { "matchLabels" : { "app" : "nginx-app-details" } }, "status" : { } }
1.9.2.2. Query all applications
GET /app.k8s.io/v1beta1/namespaces/{namespace}/applications
1.9.2.2.1. Description
Query your applications for more details.
1.9.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.9.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.9.2.2.4. Consumes
-
application/yaml
1.9.2.2.5. Tags
- applications.app.k8s.io
1.9.2.3. Query a single application
GET /app.k8s.io/v1beta1/namespaces/{namespace}/applications/{application_name}
1.9.2.3.1. Description
Query a single application for more details.
1.9.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the application that you wan to query. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.9.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.9.2.3.4. Tags
- applications.app.k8s.io
1.9.2.4. Delete a application
DELETE /app.k8s.io/v1beta1/namespaces/{namespace}/applications/{application_name}
1.9.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the application that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.9.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.9.2.4.3. Tags
- applications.app.k8s.io
1.9.3. Definitions
1.9.3.1. Application
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | object |
spec |
spec
Name | Schema |
---|---|
assemblyPhase | string |
componentKinds | object array |
descriptor | |
info | info array |
selector | object |
descriptor
Name | Schema |
---|---|
description | string |
icons | icons array |
keywords | string array |
links | links array |
maintainers | maintainers array |
notes | string |
owners | owners array |
type | string |
version | string |
icons
Name | Schema |
---|---|
size | string |
src | string |
type | string |
links
Name | Schema |
---|---|
description | string |
url | string |
maintainers
Name | Schema |
---|---|
email | string |
name | string |
url | string |
owners
Name | Schema |
---|---|
email | string |
name | string |
url | string |
info
Name | Schema |
---|---|
name | string |
type | string |
value | string |
valueFrom |
valueFrom
Name | Schema |
---|---|
configMapKeyRef | |
ingressRef | |
secretKeyRef | |
serviceRef | |
type | string |
configMapKeyRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
key | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
ingressRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
host | string |
kind | string |
name | string |
namespace | string |
path | string |
resourceVersion | string |
uid | string |
secretKeyRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
key | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
serviceRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
kind | string |
name | string |
namespace | string |
path | string |
port | integer (int32) |
resourceVersion | string |
uid | string |
1.10. Helm API
1.10.1. Overview
This documentation is for the HelmRelease resource for Red Hat Advanced Cluster Management for Kubernetes. The HelmRelease resource has four possible requests: create, query, delete and update.
1.10.1.1. Version information
Version : 2.12.0
1.10.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.10.1.3. Tags
- helmreleases.apps.open-cluster-management.io : Create and manage helmreleases
1.10.2. Paths
1.10.2.1. Create a helmrelease
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases
1.10.2.1.1. Description
Create a helmrelease.
1.10.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the helmrelease to be created. |
1.10.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.10.2.1.4. Consumes
-
application/yaml
1.10.2.1.5. Tags
- helmreleases.apps.open-cluster-management.io
1.10.2.1.6. Example HTTP request
1.10.2.1.6.1. Request body
{ "apiVersion" : "apps.open-cluster-management.io/v1", "kind" : "HelmRelease", "metadata" : { "name" : "nginx-ingress", "namespace" : "default" }, "repo" : { "chartName" : "nginx-ingress", "source" : { "helmRepo" : { "urls" : [ "https://kubernetes-charts.storage.googleapis.com/nginx-ingress-1.26.0.tgz" ] }, "type" : "helmrepo" }, "version" : "1.26.0" }, "spec" : { "defaultBackend" : { "replicaCount" : 3 } } }
1.10.2.2. Query all helmreleases
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases
1.10.2.2.1. Description
Query your helmreleases for more details.
1.10.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.10.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.10.2.2.4. Consumes
-
application/yaml
1.10.2.2.5. Tags
- helmreleases.apps.open-cluster-management.io
1.10.2.3. Query a single helmrelease
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases/{helmrelease_name}
1.10.2.3.1. Description
Query a single helmrelease for more details.
1.10.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
helmrelease_name | Name of the helmrelease that you wan to query. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.10.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.10.2.3.4. Tags
- helmreleases.apps.open-cluster-management.io
1.10.2.4. Delete a helmrelease
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases/{helmrelease_name}
1.10.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
helmrelease_name | Name of the helmrelease that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.10.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.10.2.4.3. Tags
- helmreleases.apps.open-cluster-management.io
1.10.3. Definitions
1.10.3.1. HelmRelease
Name | Schema |
---|---|
apiVersion | string |
kind | string |
metadata | object |
repo | |
spec | object |
status |
repo
Name | Schema |
---|---|
chartName | string |
configMapRef | |
secretRef | |
source | |
version | string |
configMapRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
secretRef
Name | Schema |
---|---|
apiVersion | string |
fieldPath | string |
kind | string |
name | string |
namespace | string |
resourceVersion | string |
uid | string |
source
Name | Schema |
---|---|
github | |
helmRepo | |
type | string |
github
Name | Schema |
---|---|
branch | string |
chartPath | string |
urls | string array |
helmRepo
Name | Schema |
---|---|
urls | string array |
status
Name | Schema |
---|---|
conditions | conditions array |
deployedRelease |
conditions
Name | Schema |
---|---|
lastTransitionTime | string (date-time) |
message | string |
reason | string |
status | string |
type | string |
deployedRelease
Name | Schema |
---|---|
manifest | string |
name | string |
1.11. Policy API
1.11.1. Overview
This documentation is for the Policy resource for Red Hat Advanced Cluster Management for Kubernetes. The Policy resource has four possible requests: create, query, delete and update.
1.11.1.1. Version information
Version : 2.12.0
1.11.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.11.1.3. Tags
- policy.open-cluster-management.io/v1 : Create and manage policies
1.11.2. Paths
1.11.2.1. Create a policy
POST /policy.open-cluster-management.io/v1/v1alpha1/namespaces/{namespace}/policies/{policy_name}
1.11.2.1.1. Description
Create a policy.
1.11.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the policy to be created. |
1.11.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.11.2.1.4. Consumes
-
application/json
1.11.2.1.5. Tags
- policy.open-cluster-management.io
1.11.2.1.6. Example HTTP request
1.11.2.1.6.1. Request body
{ "apiVersion": "policy.open-cluster-management.io/v1", "kind": "Policy", "metadata": { "name": "test-policy-swagger", "description": "Example body for Policy API Swagger docs" }, "spec": { "remediationAction": "enforce", "customMessage": { "compliant": [], "noncompliant": [] }, "namespaces": { "include": [ "default" ], "exclude": [ "kube*" ] }, "policy-templates": { "kind": "ConfigurationPolicy", "apiVersion": "policy.open-cluster-management.io/v1", "complianceType": "musthave", "metadataComplianceType": "musthave", "metadata": { "namespace": null, "name": "test-role" }, "selector": { "matchLabels": { "cloud": "IBM" } }, "spec" : { "object-templates": { "complianceType": "musthave", "metadataComplianceType": "musthave", "objectDefinition": { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role", "metadata": { "name": "role-policy", }, "rules": [ { "apiGroups": [ "extensions", "apps" ], "resources": [ "deployments" ], "verbs": [ "get", "list", "watch", "delete" ] }, { "apiGroups": [ "core" ], "resources": [ "pods" ], "verbs": [ "create", "update", "patch" ] }, { "apiGroups": [ "core" ], "resources": [ "secrets" ], "verbs": [ "get", "watch", "list", "create", "delete", "update", "patch" ], }, ], }, }, }, },
1.11.2.2. Query all policies
GET /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.2.1. Description
Query your policies for more details.
1.11.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to apply the policy to, for example, default. | string |
1.11.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.11.2.2.4. Consumes
-
application/json
1.11.2.2.5. Tags
- policy.open-cluster-management.io
1.11.2.3. Query a single policy
GET /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.3.1. Description
Query a single policy for more details.
1.11.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
policy_name | Name of the policy that you want to query. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.11.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.11.2.3.4. Tags
- policy.open-cluster-management.io
1.11.2.4. Delete a policy
DELETE /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
policy_name | Name of the policy that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.11.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.11.2.4.3. Tags
- policy.open-cluster-management.io
1.11.3. Definitions
1.11.3.1. Policy
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of Policy. | string |
kind | String value that represents the REST resource. | string |
metadata | Describes rules that define the policy. | object |
spec
Name | Description | Schema |
---|---|---|
remediationAction | Value that represents how violations are handled as defined in the resource. | string |
customMessage |
Parameter field where you can configure custom messages from your configuration policies, based on the compliance status. You can use the default message from the | string |
namespaceSelector | Value that represents which namespaces the policy is applied. | string |
policy-templates
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of Policy. | string |
kind | String value that represents the REST resource. | string |
metadata | Describes rules that define the policy. | object |
complianceType | Used to list expected behavior for roles and other Kubernetes object that must be evaluated or applied to the managed clusters. | string |
metadataComplianceType |
Provides a way for users to process labels and annotations of an object differently than the other fields. The parameter value defaults to the same value of the | string |
clusterConditions | Section to define labels. | string |
rules | string |
clusterConditions
Name | Description | Schema |
---|---|---|
matchLabels | The label that is required for the policy to be applied to a namespace. | object |
cloud | The label that is required for the policy to be applied to a cloud provider. | string |
rules
Name | Description | Schema |
---|---|---|
apiGroups | List of APIs that the rule applies to. | string |
resources | A list of resource types. | object |
verbs | A list of verbs. | string |
1.12. Observability API
1.12.1. Overview
This documentation is for the MultiClusterObservability resource for Red Hat Advanced Cluster Management for Kubernetes. The MultiClusterObservability resource has four possible requests: create, query, delete and update.
1.12.1.1. Version information
Version : 2.12.0
1.12.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.12.1.3. Tags
- observability.open-cluster-management.io : Create and manage multiclusterobservabilities
1.12.2. Paths
1.12.2.1. Create a multiclusterobservability resource
POST /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities
1.12.2.1.1. Description
Create a MultiClusterObservability resource.
1.12.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the MultiClusterObservability resource to be created. |
1.12.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.12.2.1.4. Consumes
-
application/yaml
1.12.2.1.5. Tags
- observability.apps.open-cluster-management.io
1.12.2.1.6. Example HTTP request
1.12.2.1.6.1. Request body
{ "apiVersion": "observability.open-cluster-management.io/v1beta2", "kind": "MultiClusterObservability", "metadata": { "name": "example" }, "spec": { "observabilityAddonSpec": {} "storageConfig": { "metricObjectStorage": { "name": "thanos-object-storage", "key": "thanos.yaml" "writeStorage": { - "key": " ", "name" : " " - "key": " ", "name" : " " } } } }
1.12.2.2. Query all multiclusterobservabilities
GET /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities
1.12.2.2.1. Description
Query your MultiClusterObservability resources for more details.
1.12.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.12.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.12.2.2.4. Consumes
-
application/yaml
1.12.2.2.5. Tags
- observability.apps.open-cluster-management.io
1.12.2.3. Query a single multiclusterobservability
GET /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities/{multiclusterobservability_name}
1.12.2.3.1. Description
Query a single MultiClusterObservability resource for more details.
1.12.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
multiclusterobservability_name | Name of the multiclusterobservability that you want to query. | string |
1.12.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.12.2.3.4. Tags
- observability.apps.open-cluster-management.io
1.12.2.4. Delete a multiclusterobservability resource
DELETE /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities/{multiclusterobservability_name}
1.12.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
multiclusterobservability_name | Name of the multiclusterobservability that you want to delete. | string |
1.12.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.12.2.4.3. Tags
- observability.apps.open-cluster-management.io
1.12.3. Definitions
1.12.3.1. MultiClusterObservability
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of the MultiClusterObservability. | string |
kind | String value that represents the REST resource, MultiClusterObservability. | string |
metadata | Describes rules that define the policy. | object |
spec
Name | Description | Schema |
---|---|---|
enableDownsampling |
Enable or disable the downsample. Default value is | boolean |
imagePullPolicy |
Pull policy for the MultiClusterObservability images. The default value is | corev1.PullPolicy |
imagePullSecret |
Pull secret for the MultiClusterObservability images. The default value is | string |
nodeSelector | Specification of the node selector. | map[string]string |
observabilityAddonSpec | The global settings for all managed clusters, which have the observability add-on installed. | |
storageConfig | Specifies the storage configuration to be used by observability. | StorageConfig |
tolerations | Provided the ability for all components to tolerate any taints. | []corev1.Toleration |
advanced | The advanced configuration settings for observability. | |
resources | Compute resources required by MultiClusterObservability. | corev1.ResourceRequirements |
replicas | Replicas for MultiClusterObservability. | integer |
storageConfig
Name | Description | Schema |
---|---|---|
alertmanagerStorageSize |
The amount of storage applied to the alertmanager stateful sets. Default value is | string |
compactStorageSize |
The amount of storage applied to the thanos compact stateful sets. Default value is | string |
metricObjectStorage | Object store to configure secrets for metrics. | |
receiveStorageSize |
The amount of storage applied to thanos receive stateful sets. Default value is | string |
ruleStorageSize |
The amount of storage applied to thanos rule stateful sets. Default value is | string |
storageClass |
Specify the | string |
storeStorageSize |
The amount of storage applied to thanos store stateful sets. Default value is | string |
writeStorage | A list of endpoint access information. | [ ]WriteStorage |
writeStorage
Name | Description | Schema |
---|---|---|
name | The name of the secret with endpoint access information. | string |
key | The key of the secret to select from. | string |
metricObjectStorage
Name | Description | Schema |
---|---|---|
key | The key of the secret to select from. Must be a valid secret key. See Thanos documentation. | string |
name |
Name of the | string |
observabilityAddonSpec
Name | Description | Schema |
---|---|---|
enableMetrics |
Indicates if the observability add-on sends metrics to the hub cluster. Default value is | boolean |
interval |
Interval for when the observability add-on sends metrics to the hub cluster. Default value is 300 seconds ( | integer |
resources |
Resource for the metrics collector resource requirement. The default CPU request is | corev1.ResourceRequirements |
advanced
Name | Description | Schema |
---|---|---|
retentionConfig | Specifies the data retention configuration to be used by observability. |
|
rbacQueryProxy | Specifies the replicas and resources for the rbac-query-proxy deployment. | CommonSpec |
grafana | Specifies the replicas and resources for the grafana deployment | CommonSpec |
alertmanager | Specifies the replicas and resources for alertmanager statefulset. | CommonSpec |
observatoriumAPI |
Specifies the replicas and resources for the | CommonSpec |
queryFrontend | Specifies the replicas and resources for the query-frontend deployment. | CommonSpec |
query | Specifies the replicas and resources for the query deployment. | CommonSpec |
receive | Specifies the replicas and resources for the receive statefulset. | CommonSpec |
rule | Specifies the replicas and resources for rule statefulset. | CommonSpec |
store | Specifies the replicas and resources for the store statefulset. | CommonSpec |
CompactSpec | Specifies the resources for compact statefulset. | |
storeMemcached | Specifies the replicas, resources, etc. for store-memcached. | |
queryFrontendMemcached | Specifies the replicas, resources, etc for query-frontend-memcached. | CacheConfig |
retentionConfig
Name | Description | Schema |
---|---|---|
blockDuration |
The amount of time to block the duration for Time Series Database (TSDB) block. Default value is | string |
deleteDelay |
The amount of time until a block marked for deletion is deleted from a bucket. Default value is | string |
retentionInLocal |
The amount of time to retain raw samples from the local storage. Default value is | string |
retentionResolutionRaw |
The amount of time to retain raw samples of resolution in a bucket. Default value is 365 days ( | string |
retentionResolution5m |
The amount of time to retain samples of resolution 1 (5 minutes) in a bucket. Default value is 365 days ( | string |
retentionResolution1h |
The amount of time to retain samples of resolution 2 (1 hour) in a bucket. Default value is 365 days ( | string |
CompactSpec
Name | Description | Schema |
---|---|---|
resources | Compute resources required by thanos compact. | corev1.ResourceRequirements |
serviceAccountAnnotations | Annotations is an unstructured key value map stored with the compact service account. | map[string]string |
storeMemcached
Name | Description | Schema |
---|---|---|
resources | Compute resources required by MultiCLusterObservability. | corev1.ResourceRequirements |
replicas | Replicas for MultiClusterObservability. | integer |
memoryLimitMb | Memory limit of Memcached in megabytes. | integer |
maxItemSize |
Max item size of Memcached. The default value is | string |
connectionLimit | Max simultaneous connections of Memcached. The default value is | integer |
status
Name | Description | Schema |
---|---|---|
status | Status contains the different condition statuses for MultiClusterObservability. | metav1.Condition |
CommonSpec
Name | Description | Schema |
---|---|---|
resources | Compute resources required by the component. | corev1.ResourceRequirements |
replicas | Replicas for the component. | integer |
QuerySpec
Name | Description | Schema |
CommonSpec | Specifies the replicas and resources for the query deployment. | CommonSpec |
serviceAccountAnnotations | Annotations is an unstructured key value map stored with the query service account. | map[string]string |
ReceiveSpec
Name | Description | Schema |
CommonSpec | Specifies the replicas and resources for the query deployment. | CommonSpec |
serviceAccountAnnotations | Annotations is an unstructured key value map stored with the query service account. | map[string]string |
StoreSpec
Name | Description | Schema |
CommonSpec | Specifies the replicas and resources for the query deployment. | CommonSpec |
serviceAccountAnnotations | Annotations is an unstructured key value map stored with the query service account. | map[string]string |
RuleSpec
Name | Description | Schema |
CommonSpec | Specifies the replicas and resources for the query deployment. | CommonSpec |
evalInterval | Specifies the evaluation interval for the rules. | string |
serviceAccountAnnotations | Annotations is an unstructured key value map stored with the query service account. | map[string]string |
1.13. Search query API
The search query API is not a Kubernetes API, therefore is not displayed through the Red Hat OpenShift Container Platform API Explorer. Continue reading to understand the search query API capabilities.
1.13.1. Overview
You can expose the search query API with a route and use the API to resolve search queries. The API is a GraphQL endpoint. You can use any client such as curl or Postman.
1.13.1.1. Version information
Version : 2.10.0
1.13.1.2. URI scheme
BasePath : /searchapi/graphql
Schemes : HTTPS
1.13.1.3. Configure API access
Create a route to access the Search API external from your cluster with the following command:
oc create route passthrough search-api --service=search-search-api -n open-cluster-management
Important: You must configure your route to secure your environment. See Route configuration in the OpenShift Container Platform documentation for more details.
1.13.2. Schema design
input SearchFilter { property: String! values: [String]! } input SearchInput { keywords: [String] filters: [SearchFilter] limit: Int relatedKinds: [String] } type SearchResult { count: Int items: [Map] related: [SearchRelatedResult] } type SearchRelatedResult { kind: String! count: Int items: [Map] }
Parameters with !
indicates that the field is required.
1.13.2.1. Description table of query inputs
Type | Description | Property |
---|---|---|
SearchFilter | Defines a key and value to filter results. When you provide many values for a property, the API interpret the values as an "OR" operation. When you provide many filters, results match all filters and the API interprets as an "AND" operation. | string |
SearchInput | Enter key words to receive a list of resources. When you provide many keywords, the API interprets it as an "AND" operation. | String |
limit |
Determine the maximum number of results returned after you enter the query. The default value is | Integer |
1.13.2.2. Schema example
{ "query": "type SearchResult {count: Intitems: [Map]related: [SearchRelatedResult]} type SearchRelatedResult {kind: String!count: Intitems: [Map]}", "variables": { "input": [ { "keywords": [], "filters": [ { "property": "kind", "values": [ "Deployment" ] } ], "limit": 10 } ] } }
1.13.3. Generic schema
type Query { search(input: [SearchInput]): [SearchResult] searchComplete(property: String!, query: SearchInput, limit: Int): [String] searchSchema: Map messages: [Message] }
1.13.4. Supported queries
Continue reading to see the query types that are supported in JSON format.
1.13.4.1. Search for deployments
Query:
query mySearch($input: [SearchInput]) { search(input: $input) { items } }
Variables:
{"input":[ { "keywords":[], "filters":[ {"property":"kind","values":["Deployment"]}], "limit":10 } ]}
1.13.4.2. Search for pods
Query:
query mySearch($input: [SearchInput]) { search(input: $input) { items } }
Variables:
{"input":[ { "keywords":[], "filters":[ {"property":"kind","values":["Pod"]}], "limit":10 } ]}
1.14. MultiClusterHub API
1.14.1. Overview
This documentation is for the MultiClusterHub resource for Red Hat Advanced Cluster Management for Kubernetes. MultiClusterHub resource has four possible requests: create, query, delete and update.
1.14.1.1. Version information
Version : 2.12.0
1.14.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.14.1.3. Tags
- multiclusterhubs.operator.open-cluster-management.io : Create and manage multicluster hub operators
1.14.2. Paths
1.14.2.1. Create a MultiClusterHub resource
POST /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/mch
1.14.2.1.1. Description
Create a MultiClusterHub resource to define the configuration for an instance of the multicluster hub.
1.14.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the multicluster hub to be created. |
1.14.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.14.2.1.4. Consumes
-
multiclusterhubs/yaml
1.14.2.1.5. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.14.2.1.6. Example HTTP request
1.14.2.1.6.1. Request body
{ "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "name": "multiclusterhubs.operator.open-cluster-management.io" }, "spec": { "group": "operator.open-cluster-management.io", "names": { "kind": "MultiClusterHub", "listKind": "MultiClusterHubList", "plural": "multiclusterhubs", "shortNames": [ "mch" ], "singular": "multiclusterhub" }, "scope": "Namespaced", "versions": [ { "additionalPrinterColumns": [ { "description": "The overall status of the multicluster hub.", "jsonPath": ".status.phase", "name": "Status", "type": "string" }, { "jsonPath": ".metadata.creationTimestamp", "name": "Age", "type": "date" } ], "name": "v1", "schema": { "openAPIV3Schema": { "description": "MultiClusterHub defines the configuration for an instance of the multiCluster hub, a central point for managing multiple Kubernetes-based clusters. The deployment of multicluster hub components is determined based on the configuration that is defined in this resource.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. The value is in CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "MultiClusterHubSpec defines the desired state of MultiClusterHub.", "properties": { "availabilityConfig": { "description": "Specifies deployment replication for improved availability. Options are: Basic and High (default).", "type": "string" }, "customCAConfigmap": { "description": "Provide the customized OpenShift default ingress CA certificate to Red Hat Advanced Cluster Management.", } "type": "string" }, "disableHubSelfManagement": { "description": "Disable automatic import of the hub cluster as a managed cluster.", "type": "boolean" }, "disableUpdateClusterImageSets": { "description": "Disable automatic update of ClusterImageSets.", "type": "boolean" }, "hive": { "description": "(Deprecated) Overrides for the default HiveConfig specification.", "properties": { "additionalCertificateAuthorities": { "description": "(Deprecated) AdditionalCertificateAuthorities is a list of references to secrets in the 'hive' namespace that contain an additional Certificate Authority to use when communicating with target clusters. These certificate authorities are used in addition to any self-signed CA generated by each cluster on installation.", "items": { "description": "LocalObjectReference contains the information to let you locate the referenced object inside the same namespace.", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, "type": "object" }, "type": "array" }, "backup": { "description": "(Deprecated) Backup specifies configuration for backup integration. If absent, backup integration is disabled.", "properties": { "minBackupPeriodSeconds": { "description": "(Deprecated) MinBackupPeriodSeconds specifies that a minimum of MinBackupPeriodSeconds occurs in between each backup. This is used to rate limit backups. This potentially batches together multiple changes into one backup. No backups are lost for changes that happen during the interval that is queued up, and results in a backup once the interval has been completed.", "type": "integer" }, "velero": { "description": "(Deprecated) Velero specifies configuration for the Velero backup integration.", "properties": { "enabled": { "description": "(Deprecated) Enabled dictates if the Velero backup integration is enabled. If not specified, the default is disabled.", "type": "boolean" } }, "type": "object" } }, "type": "object" }, "externalDNS": { "description": "(Deprecated) ExternalDNS specifies configuration for external-dns if it is to be deployed by Hive. If absent, external-dns is not deployed.", "properties": { "aws": { "description": "(Deprecated) AWS contains AWS-specific settings for external DNS.", "properties": { "credentials": { "description": "(Deprecated) Credentials reference a secret that is used to authenticate with AWS Route53. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'.", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, "type": "object" } }, "type": "object" }, "gcp": { "description": "(Deprecated) GCP contains Google Cloud Platform specific settings for external DNS.", "properties": { "credentials": { "description": "(Deprecated) Credentials reference a secret that is used to authenticate with GCP DNS. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have a key names 'osServiceAccount.json'. The credentials must specify the project to use.", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, "type": "object" } }, "type": "object" } }, "type": "object" }, "failedProvisionConfig": { "description": "(Deprecated) FailedProvisionConfig is used to configure settings related to handling provision failures.", "properties": { "skipGatherLogs": { "description": "(Deprecated) SkipGatherLogs disables functionality that attempts to gather full logs from the cluster if an installation fails for any reason. The logs are stored in a persistent volume for up to seven days.", "type": "boolean" } }, "type": "object" }, "globalPullSecret": { "description": "(Deprecated) GlobalPullSecret is used to specify a pull secret that is used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret are merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment.", "properties": { "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" } }, "type": "object" }, "maintenanceMode": { "description": "(Deprecated) MaintenanceMode can be set to true to disable the Hive controllers in situations where you need to ensure nothing is running that adds or act upon finalizers on Hive types. This should rarely be needed. Sets replicas to zero for the 'hive-controllers' deployment to accomplish this.", "type": "boolean" } }, "required": [ "failedProvisionConfig" ], "type": "object" }, "imagePullSecret": { "description": "Override pull secret for accessing MultiClusterHub operand and endpoint images.", "type": "string" }, "ingress": { "description": "Configuration options for ingress management.", "properties": { "sslCiphers": { "description": "List of SSL ciphers enabled for management ingress. Defaults to full list of supported ciphers.", "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "nodeSelector": { "additionalProperties": { "type": "string" }, "description": "Set the node selectors..", "type": "object" }, "overrides": { "description": "Developer overrides.", "properties": { "imagePullPolicy": { "description": "Pull policy of the multicluster hub images.", "type": "string" } }, "type": "object" }, "separateCertificateManagement": { "description": "(Deprecated) Install cert-manager into its own namespace.", "type": "boolean" } }, "type": "object" }, "status": { "description": "MulticlusterHubStatus defines the observed state of MultiClusterHub.", "properties": { "components": { "additionalProperties": { "description": "StatusCondition contains condition information.", "properties": { "lastTransitionTime": { "description": "LastTransitionTime is the last time the condition changed from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "Message is a human-readable message indicating\ndetails about the last status change.", "type": "string" }, "reason": { "description": "Reason is a (brief) reason for the last status change of the condition.", "type": "string" }, "status": { "description": "Status is the status of the condition. One of True, False, Unknown.", "type": "string" }, "type": { "description": "Type is the type of the cluster condition.", "type": "string" } }, "type": "object" }, "description": "Components []ComponentCondition `json:\"manifests,omitempty\"`", "type": "object" }, "conditions": { "description": "Conditions contain the different condition statuses for the MultiClusterHub.", "items": { "description": "StatusCondition contains condition information.", "properties": { "lastTransitionTime": { "description": "LastTransitionTime is the last time the condition changed from one status to another.", "format": "date-time", "type": "string" }, "lastUpdateTime": { "description": "The last time this condition was updated.", "format": "date-time", "type": "string" }, "message": { "description": "Message is a human-readable message indicating details about the last status change.", "type": "string" }, "reason": { "description": "Reason is a (brief) reason for the last status change of the condition.", "type": "string" }, "status": { "description": "Status is the status of the condition. One of True, False, Unknown.", "type": "string" }, "type": { "description": "Type is the type of the cluster condition.", "type": "string" } }, "type": "object" }, "type": "array" }, "currentVersion": { "description": "CurrentVersion indicates the current version..", "type": "string" }, "desiredVersion": { "description": "DesiredVersion indicates the desired version.", "type": "string" }, "phase": { "description": "Represents the running phase of the MultiClusterHub", "type": "string" } }, "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] } }
1.14.2.2. Query all MultiClusterHubs
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator
1.14.2.2.1. Description
Query your multicluster hub operator for more details.
1.14.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.14.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.14.2.2.4. Consumes
-
operator/yaml
1.14.2.2.5. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.14.2.3. Query a MultiClusterHub operator
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}
1.14.2.3.1. Description
Query a single multicluster hub operator for more details.
1.14.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the application that you want to query. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.14.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.14.2.3.4. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.14.2.4. Delete a MultiClusterHub operator
DELETE /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}
1.14.2.4.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the multicluster hub operator that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.14.2.4.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.14.2.4.3. Tags
- multiclusterhubs.operator.open-cluster-management.io
1.14.3. Definitions
1.14.3.1. Multicluster hub operator
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of the MultiClusterHub. | string |
kind | String value that represents the REST resource. | string |
metadata | Describes rules that define the resource. | object |
spec | The resource specification. |
spec
availabilityConfig optional | Specifies deployment replication for improved availability. The default value is High . | string |
---|---|---|
customCAConfigmap | Provide the customized OpenShift default ingress CA certificate to Red Hat Advanced Cluster Management. | string |
disableHubSelfManagement | Disable automatic import of the hub cluster as a managed cluster. | boolean |
disableUpdateClusterImageSets | Disable automatic update of ClusterImageSets. | boolean |
hive | (Deprecated) An object that overrides for the default HiveConfig specification. | |
imagePullSecret | Overrides pull secret for accessing MultiClusterHub operand and endpoint images. | string |
ingress | Configuration options for ingress management. | |
nodeSelector | Set the node selectors. | string |
separateCertificateManagement |
(Deprecated) Install | boolean |
hive
additionalCertificateAuthorities optional | (Deprecated) A list of references to secrets in the hive namespace that contain an additional Certificate Authority to use when communicating with target clusters. These certificate authorities are used in addition to any self-signed CA generated by each cluster on installation. | object |
---|---|---|
backup | (Deprecated) Specifies the configuration for backup integration. If absent, backup integration is disabled. | |
externalDNS |
(Deprecated) Specifies configuration for | object |
failedProvisionConfig | (Deprecated) Used to configure settings related to handling provision failures. | |
globalPullSecret |
(Deprecated) Used to specify a pull secret that is used globally by all of the cluster deployments. For each cluster deployment, the contents of | object |
maintenanceMode |
(Deprecated) Can be set to true to disable the hive controllers in situations where you need to ensure nothing is running that adds or acts upon finalizers on Hive types. This should rarely be needed. Sets replicas to | boolean |
ingress
sslCiphers optional | List of SSL ciphers enabled for management ingress. Defaults to full list of supported ciphers. | string |
---|
backup
minBackupPeriodSeconds optional | (Deprecated) Specifies that a minimum of MinBackupPeriodSeconds occurs in between each backup. This is used to rate limit backups. This potentially batches together multiple changes into one backup. No backups are lost as changes happen during this interval are queued up and result in a backup happening once the interval has been completed. | integer |
---|---|---|
velero | (Deprecated) Velero specifies configuration for the Velero backup integration. | object |
failedProvisionConfig
skipGatherLogs optional | (Deprecated) Disables functionality that attempts to gather full logs from the cluster if an installation fails for any reason. The logs are stored in a persistent volume for up to seven days. | boolean |
---|
status
components optional | The components of the status configuration. | object |
---|---|---|
conditions | Contains the different conditions for the multicluster hub. | |
desiredVersion | Indicates the desired version. | string |
phase |
Represents the active phase of the MultiClusterHub resource. The values that are used for this parameter are: | string |
conditions
lastTransitionTime optional | The last time the condition changed from one status to another. | string |
---|---|---|
lastUpdateTime | The last time this condition was updated. | string |
message | Message is a human-readable message indicating details about the last status change. | string |
reason | A brief reason for why the condition status changed. | string |
status | The status of the condition. | string |
type | The type of the cluster condition. | string |
StatusConditions
kind required | The resource kind that represents this status. | string |
---|---|---|
available | Indicates whether this component is properly running. | boolean |
lastTransitionTime | The last time the condition changed from one status to another. | metav1.time |
lastUpdateTime | The last time this condition was updated. | metav1.time |
message | Message is a human-readable message indicating details about the last status change. | string |
reason | A brief reason for why the condition status changed. | string |
status | The status of the condition. | string |
type | The type of the cluster condition. | string |
1.15. Placement API (v1beta1)
1.15.1. Overview
This documentation is for the Placement resource for Red Hat Advanced Cluster Management for Kubernetes. The Placement resource has four possible requests: create, query, delete, and update. Placement defines a rule to select a set of ManagedClusters from the ManagedClusterSets that are bound to the placement namespace. A slice of PlacementDecisions with the label cluster.open-cluster-management.io/placement={placement name}
is created to represent the ManagedClusters that are selected by this placement.
1.15.1.1. Version information
Version : 2.12.0
1.15.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.15.1.3. Tags
- cluster.open-cluster-management.io : Create and manage Placements
1.15.2. Paths
1.15.2.1. Query all Placements
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placement
1.15.2.1.1. Description
Query your Placements for more details.
1.15.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.15.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.15.2.1.4. Consumes
-
placement/yaml
1.15.2.1.5. Tags
- cluster.open-cluster-management.io
1.15.2.2. Create a Placement
POST /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements
1.15.2.2.1. Description
Create a Placement.
1.15.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the placement binding to be created. |
1.15.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.15.2.2.4. Consumes
-
placement/yaml
1.15.2.2.5. Tags
- cluster.open-cluster-management.io
1.15.2.2.6. Example HTTP request
1.15.2.2.6.1. Request body
{ "apiVersion" : "cluster.open-cluster-management.io/v1beta1", "kind" : "Placement", "metadata" : { "name" : "placement1", "namespace": "ns1" }, "spec": { "predicates": [ { "requiredClusterSelector": { "labelSelector": { "matchLabels": { "vendor": "OpenShift" } } } } ] }, "status" : { } }
1.15.2.3. Query a single Placement
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements/{placement_name}
1.15.2.3.1. Description
Query a single Placement for more details.
1.15.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
placement_name | Name of the Placement that you want to query. | string |
1.15.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.15.2.3.4. Tags
- cluster.open-cluster-management.io
1.15.2.4. Delete a Placement
DELETE /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements/{placement_name}
1.15.2.4.1. Description
Delete a single Placement.
1.15.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
placement_name | Name of the Placement that you want to delete. | string |
1.15.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.15.2.4.4. Tags
- cluster.open-cluster-management.io
1.15.3. Definitions
1.15.3.1. Placement
Name | Description | Schema |
---|---|---|
apiVersion | Versioned schema of the Placement. | string |
kind | String value that represents the REST resource. | string |
metadata | Metadata of the Placement. | object |
spec | Specification of the Placement. |
spec
Name | Description | Schema |
---|---|---|
clusterSets |
A subset of | string array |
numberOfClusters |
Number of | integer (int32) |
predicates |
Subset of cluster predicates that select | clusterPredicate array |
prioritizerPolicy | Policy of the prioritizers. | |
tolerations | Value that allows, but does not require, the managed clusters with certain taints to be selected by placements with matching tolerations. | toleration array |
clusterPredicate
Name | Description | Schema |
---|---|---|
requiredClusterSelector |
A cluster selector to select |
clusterSelector
Name | Description | Schema |
---|---|---|
labelSelector |
Selector of | object |
claimSelector |
Selector of |
clusterClaimSelector
Name | Description | Schema |
---|---|---|
matchExpressions | Subset of the cluster claim selector requirements. The conditional logic is AND. | < object > array |
prioritizerPolicy
Name | Description | Schema |
---|---|---|
mode |
Either | string |
configurations | Configuration of the prioritizer. | prioritizerConfig array |
prioritizerConfig
Name | Description | Schema |
---|---|---|
scoreCoordinate | Configuration of the prioritizer and score source. | |
weight | Weight of the prioritizer score. The value must be within the range: [-10,10]. | int32 |
scoreCoordinate
Name | Description | Schema |
---|---|---|
type | Type of the prioritizer score. Valid values are "BuiltIn" or "AddOn". | string |
builtIn |
Name of a | string |
addOn |
When type is | object |
toleration
Name | Description | Schema |
---|---|---|
key | Taint key that the toleration applies to. Empty means match all of the taint keys. | string |
operator |
Relationship of a key to the value. Valid operators are | string |
value | Taint value that matches the toleration. | string |
effect |
Taint effect to match. Empty means match all of the taint effects. When specified, allowed values are | string |
tolerationSeconds | Length of time that a taint is tolerated, after which the taint is not tolerated. The default value is nil, which indicates that there is no time limit on how long the taint is tolerated. | int64 |
1.16. PlacementDecisions API (v1beta1)
1.16.1. Overview
This documentation is for the PlacementDecision resource for Red Hat Advanced Cluster Management for Kubernetes. The PlacementDecision resource has four possible requests: create, query, delete, and update. A PlacementDecision indicates a decision from a placement. A PlacementDecision uses the label cluster.open-cluster-management.io/placement={placement name}
to reference a certain placement.
1.16.1.1. Version information
Version : 2.12.0
1.16.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.16.1.3. Tags
- cluster.open-cluster-management.io : Create and manage PlacementDecisions.
1.16.2. Paths
1.16.2.1. Query all PlacementDecisions
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions
1.16.2.1.1. Description
Query your PlacementDecisions for more details.
1.16.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.16.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.16.2.1.4. Consumes
-
placementdecision/yaml
1.16.2.1.5. Tags
- cluster.open-cluster-management.io
1.16.2.2. Create a PlacementDecision
POST /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions
1.16.2.2.1. Description
Create a PlacementDecision.
1.16.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the PlacementDecision to be created. |
1.16.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.16.2.2.4. Consumes
-
placementdecision/yaml
1.16.2.2.5. Tags
- cluster.open-cluster-management.io
1.16.2.2.6. Example HTTP request
1.16.2.2.6.1. Request body
{ "apiVersion" : "cluster.open-cluster-management.io/v1beta1", "kind" : "PlacementDecision", "metadata" : { "labels" : { "cluster.open-cluster-management.io/placement" : "placement1" }, "name" : "placement1-decision1", "namespace": "ns1" }, "status" : { } }
1.16.2.3. Query a single PlacementDecision
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions/{placementdecision_name}
1.16.2.3.1. Description
Query a single PlacementDecision for more details.
1.16.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
placementdecision_name | Name of the PlacementDecision that you want to query. | string |
1.16.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.16.2.3.4. Tags
- cluster.open-cluster-management.io
1.16.2.4. Delete a PlacementDecision
DELETE /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions/{placementdecision_name}
1.16.2.4.1. Description
Delete a single PlacementDecision.
1.16.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
placementdecision_name | Name of the PlacementDecision that you want to delete. | string |
1.16.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.16.2.4.4. Tags
- cluster.open-cluster-management.io
1.16.3. Definitions
1.16.3.1. PlacementDecision
Name | Description | Schema |
---|---|---|
apiVersion |
Versioned schema of | string |
kind | String value that represents the REST resource. | string |
metadata |
Metadata of | object |
status |
Current status of the |
PlacementStatus
Name | Description | Schema |
---|---|---|
Decisions | Slice of decisions according to a placement. | ClusterDecision array |
ClusterDecision
Name | Description | Schema |
---|---|---|
clusterName |
Name of the | string |
reason |
Reason why the | string |
1.17. DiscoveryConfig API
1.17.1. Overview
This documentation is for the DiscoveryConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The DiscoveryConfig resource has four possible requests: create, query, delete, and update.
1.17.1.1. Version information
Version : 2.12.0
1.17.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.17.1.3. Tags
- discoveryconfigs.discovery.open-cluster-management.io : Create and manage DiscoveryConfigs
1.17.2. Paths
1.17.2.1. Create a DiscoveryConfig
POST /app.k8s.io/v1/namespaces/{namespace}/discoveryconfigs
1.17.2.1.1. Description
Create a DiscoveryConfig.
1.17.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the DiscoveryConfig to be created. | DiscoveryConfig |
1.17.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.17.2.1.4. Consumes
-
discoveryconfigs/yaml
1.17.2.1.5. Tags
- discoveryconfigs.discovery.open-cluster-management.io
1.17.2.1.5.1. Request body
{ "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.4.1", }, "creationTimestamp": null, "name": "discoveryconfigs.discovery.open-cluster-management.io", }, "spec": { "group": "discovery.open-cluster-management.io", "names": { "kind": "DiscoveryConfig", "listKind": "DiscoveryConfigList", "plural": "discoveryconfigs", "singular": "discoveryconfig" }, "scope": "Namespaced", "versions": [ { "name": "v1", "schema": { "openAPIV3Schema": { "description": "DiscoveryConfig is the Schema for the discoveryconfigs API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "DiscoveryConfigSpec defines the desired state of DiscoveryConfig", "properties": { "credential": { "description": "Credential is the secret containing credentials to connect to the OCM api on behalf of a user", "type": "string" }, "filters": { "description": "Sets restrictions on what kind of clusters to discover", "properties": { "lastActive": { "description": "LastActive is the last active in days of clusters to discover, determined by activity timestamp", "type": "integer" }, "openShiftVersions": { "description": "OpenShiftVersions is the list of release versions of OpenShift of the form \"<Major>.<Minor>\"", "items": { "description": "Semver represents a partial semver string with the major and minor version in the form \"<Major>.<Minor>\". For example: \"4.15\"", "pattern": "^(?:0|[1-9]\\d*)\\.(?:0|[1-9]\\d*)$", "type": "string" }, "type": "array" } }, "type": "object" } }, "required": [ "credential" ], "type": "object" }, "status": { "description": "DiscoveryConfigStatus defines the observed state of DiscoveryConfig", "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] }, "status": { "acceptedNames": { "kind": "", "plural": "" }, "conditions": [], "storedVersions": [] } }
1.17.2.2. Query all DiscoveryConfigs
GET /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator
1.17.2.2.1. Description
Query your discovery config operator for more details.
1.17.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.17.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.17.2.2.4. Consumes
-
operator/yaml
1.17.2.2.5. Tags
- discoveryconfigs.discovery.open-cluster-management.io
1.17.2.3. Delete a DiscoveryConfig operator
DELETE /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator/{discoveryconfigs_name}
1.17.2.3.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the Discovery Config operator that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.17.2.3.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.17.2.3.3. Tags
- discoveryconfigs.operator.open-cluster-management.io
1.17.3. Definitions
1.17.3.1. DiscoveryConfig
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of the discoveryconfigs. | string |
kind | String value that represents the REST resource. | string |
metadata | Describes rules that define the resource. | object |
spec | Defines the desired state of DiscoveryConfig. | See List of specs |
1.17.3.2. List of specs
Name | Description | Schema |
---|---|---|
credential | Credential is the secret containing credentials to connect to the OCM API on behalf of a user. | string |
filters | Sets restrictions on what kind of clusters to discover. | See List of filters |
1.17.3.3. List of filters
Name | Description | Schema |
---|---|---|
lastActive | LastActive is the last active in days of clusters to discover, determined by activity timestamp. | integer |
openShiftVersions | OpenShiftVersions is the list of release versions of OpenShift of the form "<Major>.<Minor>" | object |
1.18. DiscoveredCluster API
1.18.1. Overview
This documentation is for the DiscoveredCluster resource for Red Hat Advanced Cluster Management for Kubernetes. The DiscoveredCluster resource has four possible requests: create, query, delete, and update.
1.18.1.1. Version information
Version : 2.12.0
1.18.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.18.1.3. Tags
- discoveredclusters.discovery.open-cluster-management.io : Create and manage DiscoveredClusters
1.18.2. Paths
1.18.2.1. Create a DiscoveredCluster
POST /app.k8s.io/v1/namespaces/{namespace}/discoveredclusters
1.18.2.1.1. Description
Create a DiscoveredCluster.
1.18.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
Body |
body | Parameters describing the DiscoveredCluster to be created. | DiscoveredCluster |
1.18.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.18.2.1.4. Consumes
-
discoveredclusters/yaml
1.18.2.1.5. Tags
- discoveredclusters.discovery.open-cluster-management.io
1.18.2.1.5.1. Request body
{ "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.4.1",\ }, "creationTimestamp": null, "name": "discoveredclusters.discovery.open-cluster-management.io", }, "spec": { "group": "discovery.open-cluster-management.io", "names": { "kind": "DiscoveredCluster", "listKind": "DiscoveredClusterList", "plural": "discoveredclusters", "singular": "discoveredcluster" }, "scope": "Namespaced", "versions": [ { "name": "v1", "schema": { "openAPIV3Schema": { "description": "DiscoveredCluster is the Schema for the discoveredclusters API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "DiscoveredClusterSpec defines the desired state of DiscoveredCluster", "properties": { "activityTimestamp": { "format": "date-time", "type": "string" }, "apiUrl": { "type": "string" }, "cloudProvider": { "type": "string" }, "console": { "type": "string" }, "creationTimestamp": { "format": "date-time", "type": "string" }, "credential": { "description": "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .", "properties": { "apiVersion": { "description": "API version of the referent.", "type": "string" }, "fieldPath": { "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.", "type": "string" }, "kind": { "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" }, "namespace": { "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", "type": "string" }, "resourceVersion": { "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", "type": "string" }, "uid": { "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", "type": "string" } }, "type": "object" }, "displayName": { "type": "string" }, "isManagedCluster": { "type": "boolean" }, "name": { "type": "string" }, "openshiftVersion": { "type": "string" }, "status": { "type": "string" }, "type": { "type": "string" } }, "required": [ "apiUrl", "displayName", "isManagedCluster", "name", "type" ], "type": "object" }, "status": { "description": "DiscoveredClusterStatus defines the observed state of DiscoveredCluster", "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] }, "status": { "acceptedNames": { "kind": "", "plural": "" }, "conditions": [], "storedVersions": [] } }
1.18.2.2. Query all DiscoveredClusters
GET /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator
1.18.2.2.1. Description
Query your discovered clusters operator for more details.
1.18.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.18.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.18.2.2.4. Consumes
-
operator/yaml
1.18.2.2.5. Tags
- discoveredclusters.discovery.open-cluster-management.io
1.18.2.3. Delete a DiscoveredCluster operator
DELETE /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator/{discoveredclusters_name}
1.18.2.3.1. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
application_name | Name of the Discovered Cluster operator that you want to delete. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.18.2.3.2. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.18.2.3.3. Tags
- discoveredclusters.operator.open-cluster-management.io
1.18.3. Definitions
1.18.3.1. DiscoveredCluster
Name | Description | Schema |
---|---|---|
apiVersion | The versioned schema of the discoveredclusters. | string |
kind | String value that represents the REST resource. | string |
metadata | Describes rules that define the resource. | object |
spec | DiscoveredClusterSpec defines the desired state of DiscoveredCluster. | See List of specs |
1.18.3.2. List of specs
Name | Description | Schema |
---|---|---|
activityTimestamp | Discoveredclusters last available activity timestamp. | metav1.time |
apiUrl | Discoveredclusters API URL endpoint. | string |
cloudProvider | Cloud provider of discoveredcluster. | string |
console | Discoveredclusters console URL endpoint. | string |
creationTimestamp | Discoveredclusters creation timestamp. | metav1.time |
credential | The reference to the credential from which the cluster was discovered. | corev1.ObjectReference |
displayName | The display name of the discovered cluster. | string |
isManagedCluster | If true, cluster is managed by ACM. | boolean |
name | The name of the discoveredcluster. | string |
openshiftVersion | The OpenShift version of the discovered cluster. | string |
status | The status of the discovered cluster. | string |
type | The OpenShift flavor (ex. OCP, ROSA, etc.). | string |
1.19. AddOnDeploymentConfig API (v1alpha1)
1.19.1. Overview
This documentation is for the AddOnDeploymentConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The AddOnDeploymentConfig resource has four possible requests: create, query, delete, and update. AddOnDeploymentConfig represents a deployment configuration for an add-on.
1.19.1.1. Version information
Version : 2.12.0
1.19.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.19.1.3. Tags
- addon.open-cluster-management.io : Create and manage AddOnDeploymentConfigs
1.19.2. Paths
1.19.2.1. Query all AddOnDeploymentConfigs
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs
1.19.2.1.1. Description
Query your AddOnDeploymentConfigs for more details.
1.19.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.19.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.19.2.1.4. Consumes
-
addondeploymentconfig/yaml
1.19.2.1.5. Tags
- addon.open-cluster-management.io
1.19.2.2. Create a AddOnDeploymentConfig
POST /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs
1.19.2.2.1. Description
Create a AddOnDeploymentConfig.
1.19.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the AddOnDeploymentConfig binding to be created. |
1.19.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.19.2.2.4. Consumes
-
addondeploymentconfig/yaml
1.19.2.2.5. Tags
- addon.open-cluster-management.io
1.19.2.2.6. Example HTTP request
1.19.2.2.6.1. Request body
{ "apiVersion": "addon.open-cluster-management.io/v1alpha1", "kind": "AddOnDeploymentConfig", "metadata": { "name": "deploy-config", "namespace": "open-cluster-management-hub" }, "spec": { "nodePlacement": { "nodeSelector": { "node-dedicated": "acm-addon" }, "tolerations": [ { "effect": "NoSchedule", "key": "node-dedicated", "operator": "Equal", "value": "acm-addon" } ] } } }
1.19.2.3. Query a single AddOnDeploymentConfig
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs/{addondeploymentconfig_name}
1.19.2.3.1. Description
Query a single AddOnDeploymentConfig for more details.
1.19.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
addondeploymentconfig_name | Name of the AddOnDeploymentConfig that you want to query. | string |
1.19.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.19.2.3.4. Tags
- addon.open-cluster-management.io
1.19.2.4. Delete a AddOnDeploymentConfig
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs/{addondeploymentconfig_name}
1.19.2.4.1. Description
Delete a single AddOnDeploymentConfig.
1.19.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
addondeploymentconfig_name | Name of the AddOnDeploymentConfig that you want to delete. | string |
1.19.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.19.2.4.4. Tags
- addon.open-cluster-management.io
1.19.3. Definitions
1.19.3.1. AddOnDeploymentConfig
Name | Description | Schema |
---|---|---|
apiVersion | Versioned schema of the AddOnDeploymentConfig. | string |
kind | String value that represents the REST resource. | string |
metadata | Metadata of the AddOnDeploymentConfig. | object |
spec | Specification of the AddOnDeploymentConfig. |
spec
Name | Description | Schema |
---|---|---|
customizedVariables | A list of name-value variables for the current add-on deployment. The add-on implementation can use these variables to render its add-on deployment. | customizedVariable array |
nodePlacement | Enables explicit control over the scheduling of the add-on agents on the managed cluster. |
customizedVariable
Name | Description | Schema |
---|---|---|
name | Name of this variable. | string |
value | Value of this variable. | string |
nodePlacement
Name | Description | Schema |
---|---|---|
nodeSelector |
Define which nodes the pods are scheduled to run on. When the | map[string]string |
tolerations |
Applied to pods and used to schedule pods to any taint that matches the | []corev1.Toleration |
1.20. ClusterManagementAddOn API (v1alpha1)
1.20.1. Overview
This documentation is for the ClusterManagementAddOn resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterManagementAddOn resource has four possible requests: create, query, delete, and update.
ClusterManagementAddOn represents the registration of an add-on to the cluster manager. This resource allows the user to discover which add-on is available for the cluster manager and also provides metadata information about the add-on. This resource also provides a reference to ManagedClusterAddOn, the name of the ClusterManagementAddOn resource that is used for the namespace-scoped ManagedClusterAddOn resource. ClusterManagementAddOn is a cluster-scoped resource.
1.20.1.1. Version information
Version : 2.12.0
1.20.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.20.1.3. Tags
- addon.open-cluster-management.io : Create and manage ClusterManagementAddOns
1.20.2. Paths
1.20.2.1. Query all ClusterManagementAddOns
GET /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons
1.20.2.1.1. Description
Query your ClusterManagementAddOns for more details.
1.20.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.20.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.20.2.1.4. Consumes
-
clustermanagementaddon/yaml
1.20.2.1.5. Tags
- addon.open-cluster-management.io
1.20.2.2. Create a ClusterManagementAddOn
POST /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons
1.20.2.2.1. Description
Create a ClusterManagementAddOn.
1.20.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the ClusterManagementAddon binding to be created. |
1.20.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.20.2.2.4. Consumes
-
clustermanagementaddon/yaml
1.20.2.2.5. Tags
- addon.open-cluster-management.io
1.20.2.2.6. Example HTTP request
1.20.2.2.6.1. Request body
{ "apiVersion": "addon.open-cluster-management.io/v1alpha1", "kind": "ClusterManagementAddOn", "metadata": { "name": "helloworld" }, "spec": { "supportedConfigs": [ { "defaultConfig": { "name": "deploy-config", "namespace": "open-cluster-management-hub" }, "group": "addon.open-cluster-management.io", "resource": "addondeploymentconfigs" } ] }, "status" : { } }
1.20.2.3. Query a single ClusterManagementAddOn
GET /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons/{clustermanagementaddon_name}
1.20.2.3.1. Description
Query a single ClusterManagementAddOn for more details.
1.20.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clustermanagementaddon_name | Name of the ClusterManagementAddOn that you want to query. | string |
1.20.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.20.2.3.4. Tags
- addon.open-cluster-management.io
1.20.2.4. Delete a ClusterManagementAddOn
DELETE /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons/{clustermanagementaddon_name}
1.20.2.4.1. Description
Delete a single ClusterManagementAddOn.
1.20.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
clustermanagementaddon_name | Name of the ClusterManagementAddOn that you want to delete. | string |
1.20.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.20.2.4.4. Tags
- addon.open-cluster-management.io
1.20.3. Definitions
1.20.3.1. ClusterManagementAddOn
Name | Description | Schema |
---|---|---|
apiVersion | Versioned schema of the ClusterManagementAddOn. | string |
kind | String value that represents the REST resource. | string |
metadata | Metadata of the ClusterManagementAddOn. | object |
spec | Specification of the ClusterManagementAddOn. |
spec
Name | Description | Schema |
---|---|---|
addOnMeta | AddOnMeta is a reference to the metadata information for the add-on. | |
supportedConfigs | SupportedConfigs is a list of configuration types supported by add-on. | configMeta array |
addOnMeta
Name | Description | Schema |
---|---|---|
displayName | Represents the name of add-on that is displayed. | string |
description | Represents the detailed description of the add-on. | string |
configMeta
Name | Description | Schema |
---|---|---|
group | Group of the add-on configuration. | string |
resource | Resource of the add-on configuration. | string |
defaultConfig | Represents the namespace and name of the default add-on configuration. This is where all add-ons have a same configuration. |
configReferent
Name | Description | Schema |
---|---|---|
namespace | Namespace of the add-on configuration. If this field is not set, the configuration is cluster-scope. | string |
name | Name of the add-on configuration. | string |
1.21. ManagedClusterAddOn API (v1alpha1)
1.21.1. Overview
This documentation is for the ManagedClusterAddOn resource for Red Hat Advanced Cluster Management for Kubernetes. The ManagedClusterAddOn resource has four possible requests: create, query, delete, and update. ManagedClusterAddOn is the custom resource object which holds the current state of an add-on. This resource should be created in the ManagedCluster namespace.
1.21.1.1. Version information
Version : 2.12.0
1.21.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.21.1.3. Tags
- addon.open-cluster-management.io : Create and manage ManagedClusterAddOns
1.21.2. Paths
1.21.2.1. Query all ManagedClusterAddOns
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons
1.21.2.1.1. Description
Query your ManagedClusterAddOns for more details.
1.21.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.21.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.21.2.1.4. Consumes
-
managedclusteraddon/yaml
1.21.2.1.5. Tags
- addon.open-cluster-management.io
1.21.2.2. Create a ManagedClusterAddOn
POST /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons
1.21.2.2.1. Description
Create a ManagedClusterAddOn.
1.21.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters that describe the ManagedClusterAddOn binding to be created. |
1.21.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.21.2.2.4. Consumes
-
managedclusteraddon/yaml
1.21.2.2.5. Tags
- addon.open-cluster-management.io
1.21.2.2.6. Example HTTP request
1.21.2.2.6.1. Request body
{ "apiVersion": "addon.open-cluster-management.io/v1alpha1", "kind": "ManagedClusterAddOn", "metadata": { "name": "helloworld", "namespace": "cluster1" }, "spec": { "configs": [ { "group": "addon.open-cluster-management.io", "name": "cluster-deploy-config", "namespace": "open-cluster-management-hub", "resource": "addondeploymentconfigs" } ], "installNamespace": "default" }, "status" : { } }
1.21.2.3. Query a single ManagedClusterAddOn
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons/{managedclusteraddon_name}
1.21.2.3.1. Description
Query a single ManagedClusterAddOn for more details.
1.21.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
managedclusteraddon_name | Name of the ManagedClusterAddOn that you want to query. | string |
1.21.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.21.2.3.4. Tags
- addon.open-cluster-management.io
1.21.2.4. Delete a ManagedClusterAddOn
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons/{managedclusteraddon_name}
1.21.2.4.1. Description
Delete a single ManagedClusterAddOn.
1.21.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
managedclusteraddon_name | Name of the ManagedClusterAddOn that you want to delete. | string |
1.21.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.21.2.4.4. Tags
- addon.open-cluster-management.io
1.21.3. Definitions
1.21.3.1. ManagedClusterAddOn
Name | Description | Schema |
---|---|---|
apiVersion | Versioned schema of the ManagedClusterAddOn. | string |
kind | String value that represents the REST resource. | string |
metadata | Metadata of the ManagedClusterAddOn. | object |
spec | Specification of the ManagedClusterAddOn. |
spec
Name | Description | Schema |
---|---|---|
installNamespace | The namespace on the managed cluster to install the add-on agent. If it is not set, the open-cluster-management-agent-addon namespace is used to install the add-on agent. | string |
configs | A list of add-on configurations where the current add-on has its own configurations. | addOnConfig array |
addOnConfig
Name | Description | Schema |
---|---|---|
group | Group of the add-on configuration. | string |
resource | Resource of the add-on configuration. | string |
namespace | Namespace of the add-on configuration. If this field is not set, the configuration is cluster-scope. | string |
name | Name of the add-on configuration. | string |
1.22. ManagedClusterSet API (v1beta2)
1.22.1. Overview
This documentation is for the ManagedClusterSet resource for Red Hat Advanced Cluster Management for Kubernetes. The ManagedClusterSet resource has four possible requests: create, query, delete, and update. ManagedClusterSet groups two or more managed clusters into a set that you can operate together. Managed clusters that belong to a set can have similar attributes, such as shared use purposes or the same deployment region.
1.22.1.1. Version information
Version : 2.12.0
1.22.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.22.1.3. Tags
- cluster.open-cluster-management.io : Create and manage ManagedClusterSets
1.22.2. Paths
1.22.2.1. Query all managedclustersets
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets
1.22.2.1.1. Description
Query your managedclustersets for more details.
1.22.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace | Namespace that you want to use, for example, default. | string |
1.22.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.22.2.1.4. Consumes
-
managedclusterset/yaml
1.22.2.1.5. Tags
- cluster.open-cluster-management.io
1.22.2.2. Create a managedclusterset
POST /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets
1.22.2.2.1. Description
Create a managedclusterset.
1.22.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Body |
body | Parameters describing the managedclusterset to be created. |
1.22.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.22.2.2.4. Consumes
-
managedclusterset/yaml
1.22.2.2.5. Tags
- cluster.open-cluster-management.io
1.22.2.2.6. Example HTTP request
1.22.2.2.6.1. Request body
{ "apiVersion" : "cluster.open-cluster-management.io/v1beta2", "kind" : "ManagedClusterSet", "metadata" : { "name" : "example-clusterset", }, "spec": { }, "status" : { } }
1.22.2.3. Query a single managedclusterset
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets/{managedclusterset_name}
1.22.2.3.1. Description
Query a single managedclusterset for more details.
1.22.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Path |
managedclusterset_name | Name of the managedclusterset that you want to query. | string |
1.22.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.22.2.3.4. Tags
- cluster.open-cluster-management.io
1.22.2.4. Delete a managedclusterset
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersets/{managedclusterset_name}
1.22.2.4.1. Description
Delete a single managedclusterset.
1.22.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
namespace |
Namespace that you want to use, for example, | string |
Path |
managedclusterset_name | Name of the managedclusterset that you want to delete. | string |
1.22.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.22.2.4.4. Tags
- cluster.open-cluster-management.io
1.22.3. Definitions
1.22.3.1. ManagedClusterSet
Name | Description | Schema |
---|---|---|
apiVersion |
Versioned schema of the | string |
kind | String value that represents the REST resource. | string |
metadata |
Metadata of the | object |
specrequired |
Specification of the | spec |
1.23. KlusterletConfig API (v1alpha1)
1.23.1. Overview
This documentation is for the KlusterletConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The KlusterletConfig resource has four possible requests: create, query, delete, and update. KlusterletConfig contains configuration information about a klusterlet, such as nodeSelector
, tolerations
, and pullSecret
. KlusterletConfig is a cluster-scoped resource and only works on klusterlet pods in the open-cluster-managemnet-agent
namespace. KlusterletConfig does not affect add-on deployment configurations.
1.23.1.1. Version information
Version : 2.12.0
1.23.1.2. URI scheme
BasePath : /kubernetes/apis
Schemes : HTTPS
1.23.1.3. Tags
- config.open-cluster-management.io : Create and manage KlusterletConfig
1.23.2. Paths
1.23.2.1. Query all KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs
1.23.2.1.1. Description
Query your KlusterletConfigs for more details.
1.23.2.1.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
1.23.2.1.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.23.2.1.4. Consumes
-
klusterletconfig/yaml
1.23.2.1.5. Tags
- config.open-cluster-management.io
1.23.2.2. Create a KlusterletConfig
POST /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs
1.23.2.2.1. Description
Create a KlusterletConfig.
1.23.2.2.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Body |
body | Parameters describing the KlusterletConfig binding to be created. |
1.23.2.2.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.23.2.2.4. Consumes
-
klusterletconfig/yaml
1.23.2.2.5. Tags
- config.open-cluster-management.io
1.23.2.2.6. Example HTTP request
1.23.2.2.6.1. Request body
{ "apiVersion": "apiextensions.k8s.io/v1", "kind": "CustomResourceDefinition", "metadata": { "annotations": { "controller-gen.kubebuilder.io/version": "v0.7.0" }, "creationTimestamp": null, "name": "klusterletconfigs.config.open-cluster-management.io" }, "spec": { "group": "config.open-cluster-management.io", "names": { "kind": "KlusterletConfig", "listKind": "KlusterletConfigList", "plural": "klusterletconfigs", "singular": "klusterletconfig" }, "preserveUnknownFields": false, "scope": "Cluster", "versions": [ { "name": "v1alpha1", "schema": { "openAPIV3Schema": { "description": "KlusterletConfig contains the configuration of a klusterlet including the upgrade strategy, config overrides, proxy configurations etc.", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "Spec defines the desired state of KlusterletConfig", "properties": { "hubKubeAPIServerProxyConfig": { "description": "HubKubeAPIServerProxyConfig holds proxy settings for connections between klusterlet/add-on agents on the managed cluster and the kube-apiserver on the hub cluster. Empty means no proxy settings is available.", "properties": { "caBundle": { "description": "CABundle is a CA certificate bundle to verify the proxy server. It will be ignored if only HTTPProxy is set; And it is required when HTTPSProxy is set and self signed CA certificate is used by the proxy server.", "format": "byte", "type": "string" }, "httpProxy": { "description": "HTTPProxy is the URL of the proxy for HTTP requests", "type": "string" }, "httpsProxy": { "description": "HTTPSProxy is the URL of the proxy for HTTPS requests HTTPSProxy will be chosen if both HTTPProxy and HTTPSProxy are set.", "type": "string" } }, "type": "object" }, "nodePlacement": { "description": "NodePlacement enables explicit control over the scheduling of the agent components. If the placement is nil, the placement is not specified, it will be omitted. If the placement is an empty object, the placement will match all nodes and tolerate nothing.", "properties": { "nodeSelector": { "additionalProperties": { "type": "string" }, "description": "NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.", "type": "object" }, "tolerations": { "description": "Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.", "items": { "description": "The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.", "properties": { "effect": { "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.", "type": "string" }, "key": { "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.", "type": "string" }, "operator": { "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.", "type": "string" }, "tolerationSeconds": { "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.", "format": "int64", "type": "integer" }, "value": { "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.", "type": "string" } }, "type": "object" }, "type": "array" } }, "type": "object" }, "pullSecret": { "description": "PullSecret is the name of image pull secret.", "properties": { "apiVersion": { "description": "API version of the referent.", "type": "string" }, "fieldPath": { "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.", "type": "string" }, "kind": { "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "name": { "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names", "type": "string" }, "namespace": { "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/", "type": "string" }, "resourceVersion": { "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency", "type": "string" }, "uid": { "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids", "type": "string" } }, "type": "object" }, "registries": { "description": "Registries includes the mirror and source registries. The source registry will be replaced by the Mirror.", "items": { "properties": { "mirror": { "description": "Mirror is the mirrored registry of the Source. Will be ignored if Mirror is empty.", "type": "string" }, "source": { "description": "Source is the source registry. All image registries will be replaced by Mirror if Source is empty.", "type": "string" } }, "required": [ "mirror" ], "type": "object" }, "type": "array" } }, "type": "object" }, "status": { "description": "Status defines the observed state of KlusterletConfig", "type": "object" } }, "type": "object" } }, "served": true, "storage": true, "subresources": { "status": {} } } ] }, "status": { "acceptedNames": { "kind": "", "plural": "" }, "conditions": [], "storedVersions": [] } }
1.23.2.3. Query a single KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}
1.23.2.3.1. Description
Query a single KlusterletConfig for more details.
1.23.2.3.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
klusterletconfig_name | Name of the KlusterletConfig that you want to query. | string |
1.23.2.3.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.23.2.3.4. Tags
- config.open-cluster-management.io
1.23.2.4. Delete a KlusterletConfig
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}
1.23.2.4.1. Description
Delete a single klusterletconfig.
1.23.2.4.2. Parameters
Type | Name | Description | Schema |
---|---|---|---|
Header |
COOKIE | Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token. | string |
Path |
klusterletconfig_name | Name of the KlusterletConfig that you want to delete. | string |
1.23.2.4.3. Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Success | No Content |
403 | Access forbidden | No Content |
404 | Resource not found | No Content |
500 | Internal service error | No Content |
503 | Service unavailable | No Content |
1.23.2.4.4. Tags
- config.open-cluster-management.io
1.23.3. Definitions
1.23.3.1. KlusterletConfig
Name | Description | Schema |
---|---|---|
apiVersion | Versioned schema of the KlusterletConfig. | string |
kind | String value that represents the REST resource. | string |
metadata | Metadata of the KlusterletConfig. | object |
spec | Specification of the KlusterletConfig. |
spec
Name | Description | Schema |
---|---|---|
registries | Includes the mirror and source registries. The source registry is replaced by the mirror. | registry |
pullSecret | The name of image pull secret. | object |
nodePlacement | Enables scheduling control of add-on agents on the managed cluster. | |
hubKubeAPIServerProxyConfig | Contains proxy settings for the connections between the klusterlet or add-on agents on the managed cluster and the kube-apiserver on the hub cluster. Empty means no proxy setting is available. |
nodePlacement
Name | Description | Schema |
---|---|---|
nodeSelector |
Define which nodes the pods are scheduled to run on. When the | map[string]string |
tolerations |
Applied to pods and used to schedule pods to any taint that matches the | []corev1.Toleration |
kubeAPIServerProxyConfig
Name | Description | Schema |
---|---|---|
caBundle | A CA certificate bundle to verify the proxy server. The bundle is ignored if only HTTPProxy is set. The bundle is required when HTTPSProxy is set and a self signed CA certificate is used by the proxy server. | map[string]string |
httpProxy | The URL of the proxy for HTTP requests | map[string]string |
httpsProxy | The URL of the proxy for HTTPS requests. HTTPSProxy is chosen if both HTTPProxy and HTTPSProxy are set. | map[string]string |
1.24. Policy compliance history (Technology Preview) (Deprecated)
1.24.1. Overview
The policy compliance history API is an optional technical preview feature if you want long-term storage of Red Hat Advanced Cluster Management for Kubernetes policy compliance events in a queryable format. You can use the API to get additional details such as the spec
field to audit and troubleshoot your policy, and get compliance events when a policy is disabled or removed from a cluster. The policy compliance history API can also generate a comma-separated values (CSV) spreadsheet of policy compliance events to help you with auditing and troubleshooting.
1.24.1.1. Version information
Version : 2.12.0
1.24.2. API Endpoints
1.24.2.1. Listing policy compliance events
/api/v1/compliance-events
This lists all policy compliance events that you have access to by default. The response format is as follows and is sorted by event.timestamp
in descending order by default:
{ "data": [ { "id": 2, "cluster": { "name": "cluster1", "cluster_id": "215ce184-8dee-4cab-b99b-1f8f29dff611" }, "parent_policy": { "id": 3, "name": "configure-custom-app", "namespace": "policies", "catageories": ["CM Configuration Management"], "controls": ["CM-2 Baseline Configuration"], "standards": ["NIST SP 800-53"] }, "policy": { "apiGroup": "policy.open-cluster-management.io", "id": 2, "kind": "ConfigurationPolicy", "name": "configure-custom-app", "namespace": "", // Only shown with `?include_spec` "spec": {} }, "event": { "compliance": "NonCompliant", "message": "configmaps [app-data] not found in namespace default", "timestamp": "2023-07-19T18:25:43.511Z", "metadata": {} } }, { "id": 1, "cluster": { "name": "cluster2", "cluster_id": "415ce234-8dee-4cab-b99b-1f8f29dff461" }, "parent_policy": { "id": 3, "name": "configure-custom-app", "namespace": "policies", "catageories": ["CM Configuration Management"], "controls": ["CM-2 Baseline Configuration"], "standards": ["NIST SP 800-53"] }, "policy": { "apiGroup": "policy.open-cluster-management.io", "id": 4, "kind": "ConfigurationPolicy", "name": "configure-custom-app", "namespace": "", // Only shown with `?include_spec` "spec": {} }, "event": { "compliance": "Compliant", "message": "configmaps [app-data] found as specified in namespace default", "timestamp": "2023-07-19T18:25:41.523Z", "metadata": {} } } ], "metadata": { "page": 1, "pages": 7, "per_page": 20, "total": 123 } }
The following optional query parameters are accepted. Notice that those without descriptions just filter on the field it references. The parameter value null
represents no value. Additionally, multiple values can be specified with commas. For example, ?cluster.name=cluster1,cluster2
for "or" filtering. Commas can be escaped with \
, if necessary.
Query argument | Description |
---|---|
cluster.cluster_id | |
cluster.name | |
direction |
The direction to sort by. This defaults to |
event.compliance | |
event.message_includes | A filter for compliance messages that include the input string. Only a single value is supported. |
event.message_like |
A SQL |
event.reported_by | |
event.timestamp | |
event.timestamp_after |
An RFC 3339 timestamp to indicate only compliance events after this time should be shown. For example, |
event.timestamp_before |
An RFC 3339 timestamp to indicate only compliance events before this time should be shown. For example, |
id | |
include_spec |
A flag to include the |
page |
The page number in the query. This defaults to |
parent_policy.categories | |
parent_policy.controls | |
parent_policy.id | |
parent_policy.name | |
parent_policy.namespace | |
parent_policy.standards | |
per_page |
The number of compliance events returned per page. This defaults to |
policy.apiGroup | |
policy.id | |
policy.kind | |
policy.name | |
policy.namespace | |
policy.severity | |
sort |
The field to sort by. This defaults to |
1.24.2.2. Selecting a single policy compliance event
/api/v1/compliance-events/<id>
You can select a single policy compliance event by specifying its database ID. For example, /api/v1/compliance-events/1
selects the compliance event with the ID of 1. The format of the return value is the following JSON:
{ "id": 1, "cluster": { "name": "cluster2", "cluster_id": "415ce234-8dee-4cab-b99b-1f8f29dff461" }, "parent_policy": { "id": 2, "name": "etcd-encryption", "namespace": "policies", "catageories": ["CM Configuration Management"], "controls": ["CM-2 Baseline Configuration"], "standards": ["NIST SP 800-53"] }, "policy": { "apiGroup": "policy.open-cluster-management.io", "id": 4, "kind": "ConfigurationPolicy", "name": "etcd-encryption", "namespace": "", "spec": {} }, "event": { "compliance": "Compliant", "message": "configmaps [app-data] found as specified in namespace default", "timestamp": "2023-07-19T18:25:41.523Z", "metadata": {} } }
1.24.2.3. Generating a spreadsheet
/api/v1/reports/compliance-events
You can generate a comma separated value (CSV) spreadsheet of compliance events for auditing and troubleshooting. It outputs the same and accepts the same query arguments as the /api/v1/compliance-events
API endpoint. By default there is no per_page
limitation set and there is no maximum for the per_page
query argument. All the CSV headers are the same as the /api/v1/compliance-events
API endpoint with underscores separating JSON objects. For example, the event timestamp has a header of event_timestamp
.
1.24.3. Authentication and Authorization
The policy compliance history API utilizes the OpenShift instance used by the Red Hat Advanced Cluster Management hub cluster for authentication and authorization. You must provide your OpenShift token in the Authorization
header of the HTTPS request.
To find your token, run the following command:
oc whoami --show-token
1.24.3.1. Viewing compliance events
To view the compliance events for a managed cluster, you need access to complete the get
verb
for the ManagedCluster
object on the Red Hat Advanced Cluster Management hub cluster. For example, to view the compliance events of the local-cluster
cluster, you might use the open-cluster-management:view:local-cluster
ClusterRole
or create your own resource as the following example:
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: local-cluster-view rules: - apiGroups: - cluster.open-cluster-management.io resources: - managedclusters resourceNames: - local-cluster verbs: - get
To verify your access to a particular managed cluster, use the oc auth can-i
command. For example, to check if you have access to the local-cluster
managed cluster, run the following command:
oc auth can-i get managedclusters.cluster.open-cluster-management.io/local-cluster
1.24.3.2. Recording a compliance event
Users or service accounts with patch
verb
access in the policies.policy.open-cluster-management.io/status
resource in the corresponding managed cluster namespace have access to record policy compliance events. The governance-policy-framework
pod on managed clusters utilizes the open-cluster-management-compliance-history-api-recorder
service account in the corresponding managed cluster namespace on the Red Hat Advanced Cluster Management hub cluster to record compliance events. Each service account has the open-cluster-management:compliance-history-api-recorder
ClusterRole
bound to the managed cluster namespace. Restrict user and service account patch
verb access to the policy status
to ensure the trustworthiness of the data stored in the policy compliance history API.