APIs


Red Hat Advanced Cluster Management for Kubernetes 2.12

APIs

Abstract

View a list of APIs that you can use to create and manage application resources, channels, subscriptions, and to query information.

Chapter 1. APIs

You can access APIs to create and manage application resources, channels, subscriptions, and to query information.

User required access: You can only perform actions that your role is assigned. Learn about access requirements from the Role-based access control documentation.

You can also access all APIs from the integrated console. From the local-cluster view, navigate to Home > API Explorer to explore API groups.

For more information, review the API documentation for each of the following resources:

1.1. Clusters API

1.1.1. Overview

This documentation is for the cluster resource for Red Hat Advanced Cluster Management for Kubernetes. Cluster resource has four possible requests: create, query, delete and update. ManagedCluster represents the desired state and current status of a managed cluster. ManagedCluster is a cluster-scoped resource.

1.1.1.1. Version information

Version : 2.12.0

1.1.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.1.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage clusters

1.1.2. Paths

1.1.2.1. Query all clusters
GET /cluster.open-cluster-management.io/v1/managedclusters
1.1.2.1.1. Description

Query your clusters for more details.

1.1.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.1.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.1.2.1.4. Consumes
  • cluster/yaml
1.1.2.1.5. Tags
  • cluster.open-cluster-management.io
1.1.2.2. Create a cluster
POST /cluster.open-cluster-management.io/v1/managedclusters
1.1.2.2.1. Description

Create a cluster

1.1.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the cluster to be created.

Cluster

1.1.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.1.2.2.4. Consumes
  • cluster/yaml
1.1.2.2.5. Tags
  • cluster.open-cluster-management.io
1.1.2.2.6. Example HTTP request
1.1.2.2.6.1. Request body
{
  "apiVersion" : "cluster.open-cluster-management.io/v1",
  "kind" : "ManagedCluster",
  "metadata" : {
    "labels" : {
      "vendor" : "OpenShift"
    },
    "name" : "cluster1"
  },
  "spec": {
    "hubAcceptsClient": true,
    "managedClusterClientConfigs": [
      {
        "caBundle": "test",
        "url": "https://test.com"
      }
    ]
  },
  "status" : { }
}
1.1.2.3. Query a single cluster
GET /cluster.open-cluster-management.io/v1/managedclusters/{cluster_name}
1.1.2.3.1. Description

Query a single cluster for more details.

1.1.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

cluster_name
required

Name of the cluster that you want to query.

string

1.1.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.1.2.3.4. Tags
  • cluster.open-cluster-management.io
1.1.2.4. Delete a cluster
DELETE /cluster.open-cluster-management.io/v1/managedclusters/{cluster_name}
DELETE /hive.openshift.io/v1/{cluster_name}/clusterdeployments/{cluster_name}
1.1.2.4.1. Description

Delete a single cluster

1.1.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

cluster_name
required

Name of the cluster that you want to delete.

string

1.1.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.1.2.4.4. Tags
  • cluster.open-cluster-management.io

1.1.3. Definitions

1.1.3.1. Cluster
NameDescriptionSchema

apiVersion
required

The versioned schema of the ManagedCluster.

string

kind
required

String value that represents the REST resource.

string

metadata
required

The metadata of the ManagedCluster.

object

spec
required

The specification of the ManagedCluster.

spec

spec

NameDescriptionSchema

hubAcceptsClient
required

Specifies whether the hub can establish a connection with the klusterlet agent on the managed cluster. The default value is false, and can only be changed to true when you have an RBAC rule configured on the hub cluster that allows you to make updates to the virtual subresource of managedclusters/accept.

bool

managedClusterClientConfigs
optional

Lists the apiserver addresses of the managed cluster.

managedClusterClientConfigs array

leaseDurationSeconds
optional

Specifies the lease update time interval of the klusterlet agents on the managed cluster. By default, the klusterlet agent updates its lease every 60 seconds.

integer (int32)

taints
optional

Prevents a managed cluster from being assigned to one or more managed cluster sets during scheduling.

taint array

managedClusterClientConfigs

NameDescriptionSchema

URL
required

 

string

CABundle
optional

Pattern :

"^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$"

string (byte)

taint

NameDescriptionSchema

key
required

The taint key that is applied to a cluster.

string

value
optional

The taint value that corresponds to the taint key.

string

effect
optional

Effect of the taint on placements that do not tolerate the taint. Valid values are NoSelect, PreferNoSelect, and NoSelectIfNew.

string

1.2. ClusterInstance API

1.2.1. Overview

This documentation is for the ClusterInstance resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterInstance resource has four possible requests: create, query, delete and update.

1.2.1.1. Version information

Version : 2.12.0

1.2.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.2.1.3. Tags
  • siteconfig.open-cluster-management.io : Create and manage clusters

1.2.2. Paths

1.2.2.1. Query all clusters
GET /siteconfig.open-cluster-management.io/v1alpha1/{clusterinstance_namespace}/{clusterinstance_name}
1.2.2.1.1. Description

Query your clusters for more details.

1.2.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterinstance_namespace
required

The namespace of the ClusterInstance that you want to query.

string

Path

clusterinstance_name
required

The name of the ClusterInstance that you want to query.

string

1.2.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.2.2.1.4. Consumes
  • clusterinstance/json
1.2.2.1.5. Tags
  • siteconfig.open-cluster-management.io
1.2.2.2. Create installation manifests
POST /siteconfig.open-cluster-management.io/v1alpha1/<clusterinstance_namespace>/<clusterinstance_name>
1.2.2.2.1. Description

Create installation manifests with the SiteConfig operator for your choice of installation method.

1.2.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the installation manifests to be created.

ClusterInstance

Path

clusterinstance_namespace
required

The namespace of the ClusterInstance that you want to use.

string

Path

clusterinstance_name
required

The name of the ClusterInstance that you want to use.

string

1.2.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.2.2.2.4. Consumes
  • clusterinstance/json
1.2.2.2.5. Tags
  • siteconfig.open-cluster-management.io
1.2.2.2.6. Example HTTP request
1.2.2.2.6.1. Request body
{
    "apiVersion": "siteconfig.open-cluster-management.io/v1alpha1",
    "kind": "ClusterInstance",
    "metadata": {
        "name": "site-sno-du-1",
        "namespace": "site-sno-du-1"
    },
    "spec": {
        "baseDomain": "example.com",
        "pullSecretRef": {
            "name": "pullSecretName"
        },
        "sshPublicKey": "ssh-rsa ",
        "clusterName": "site-sno-du-1",
        "proxy": {
            "noProxys": "foobar"
        },
        "caBundleRef": {
            "name": "my-bundle-ref"
        },
        "extraManifestsRefs": [
            {
                "name": "foobar1"
            },
            {
                "name": "foobar2"
            }
        ],
        "networkType": "OVNKubernetes",
        "installConfigOverrides": "{\"capabilities\":{\"baselineCapabilitySet\": \"None\", \"additionalEnabledCapabilities\": [ \"marketplace\", \"NodeTuning\" ] }}",
        "extraLabels": {
            "ManagedCluster": {
                "group-du-sno": "test",
                "common": "true",
                "sites": "site-sno-du-1"
            }
        },
        "clusterNetwork": [
            {
                "cidr": "203.0.113.0/24",
                "hostPrefix": 23
            }
        ],
        "machineNetwork": [
            {
                "cidr": "203.0.113.0/24"
            }
        ],
        "serviceNetwork": [
            {
                "cidr": "203.0.113.0/24"
            }
        ],
        "additionalNTPSources": [
            "NTP.server1",
            "198.51.100.100"
        ],
        "ignitionConfigOverride": "{\"ignition\": {\"version\": \"3.1.0\"}, \"storage\": {\"files\": [{\"path\": \"/etc/containers/registries.conf\", \"overwrite\": true, \"contents\": {\"source\": \"data:text/plain;base64,foobar==\"}}]}}",
        "diskEncryption": {
            "type": "nbde",
            "tang": [
                {
                    "url": "http://192.0.2.5:7500",
                    "thumbprint": "1234567890"
                }
            ]
        },
        "clusterType": "SNO",
        "templateRefs": [
            {
                "name": "ai-cluster-templates-v1",
                "namespace": "rhacm"
            }
        ],
        "nodes": [
            {
                "hostName": "node1",
                "role": "master",
                "templateRefs": [
                    {
                        "name": "ai-node-templates-v1",
                        "namespace": "rhacm"
                    }
                ],
                "ironicInspect": "",
                "bmcAddress": "idrac-virtualmedia+https://203.0.113.100/redfish/v1/Systems/System.Embedded.1",
                "bmcCredentialsName": {
                    "name": "<bmcCredentials_secre_name>"
                },
                "bootMACAddress": "00:00:5E:00:53:00",
                "bootMode": "UEFI",
                "installerArgs": "[\"--append-karg\", \"nameserver=8.8.8.8\", \"-n\"]",
                "ignitionConfigOverride": "{\"ignition\": {\"version\": \"3.1.0\"}, \"storage\": {\"files\": [{\"path\": \"/etc/containers/registries.conf\", \"overwrite\": true, \"contents\": {\"source\": \"data:text/plain;base64,foobar==\"}}]}}",
                "nodeNetwork": {
                    "interfaces": [
                        {
                            "name": "eno1",
                            "macAddress": "00:00:5E:00:53:01"
                        }
                    ],
                    "config": {
                        "interfaces": [
                            {
                                "name": "eno1",
                                "type": "ethernet",
                                "ipv4": {
                                    "enabled": true,
                                    "dhcp": false,
                                    "address": [
                                        {
                                            "ip": "192.0.2.1",
                                            "prefix-length": 24
                                        }
                                    ]
                                },
                                "ipv6": {
                                    "enabled": true,
                                    "dhcp": false,
                                    "address": [
                                        {
                                            "ip": "2001:0DB8:0:0:0:0:0:1",
                                            "prefix-length": 32
                                        }
                                    ]
                                }
                            }
                        ],
                        "dns-resolver": {
                            "config": {
                                "server": [
                                    "198.51.100.1"
                                ]
                            }
                        },
                        "routes": {
                            "config": [
                                {
                                    "destination": "0.0.0.0/0",
                                    "next-hop-address": "203.0.113.255",
                                    "next-hop-interface": "eno1",
                                    "table-id": 254
                                }
                            ]
                        }
                    }
                }
            }
        ]
    }
}
1.2.2.3. Query a single cluster
GET /siteconfig.open-cluster-management.io/v1alpha1/<clusterinstance_namespace>/<clusterinstance_name>
1.2.2.3.1. Description

Query a single cluster for more details.

1.2.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterinstance_namespace
required

The namespace of the ClusterInstance that you want to query.

string

Path

clusterinstance_name
required

The name of the ClusterInstance that you want to query.

string

1.2.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.2.2.3.4. Tags
  • siteconfig.open-cluster-management.io

1.2.3. Definitions

1.2.3.1. ClusterInstance

Important: Certain fields are only relevant to a specific installation flow. Verify which fields are applicable to your choice of installation method by checking the relevant documentation. For Assisted Installer and Image Based Install, see the following documentation:

NameDescriptionSchema

apiVersion
required

The versioned schema of the ClusterInstance.

string

kind
required

String value that represents the REST resource.

string

metadata
required

The metadata of the ClusterInstance.

object

spec
required

The specification of the ClusterInstance.

spec

status
required

The status of the ClusterInstance.

status object

spec

NameDescriptionSchema

additionalNTPSources
optional

Specify the NTP sources that needs to be added to all cluster hosts. They are added to any NTP sources that were configured through other means.

array

baseDomain
required

Specify the base domain used for the deployed cluster.

string

caBundleRef
optional

Reference the ConfigMap object that contains the new bundle of trusted certificates for the host. The tls-ca-bundle.pem entry in the ConfigMap object is written to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem.

string

clusterName
required

Specify the name of the cluster.

string

clusterNetwork
optional

Specify the list of the IP address pools for pods.

array

clusterType
optional

Specify the cluster type. The following values are supported:

SNO
single-node OpenShift
HighlyAvailable
Multi-node OpenShift

string

cpuPartitioningMode
optional

Determine clusters to be set up for CPU workload partitioning at install time. Configure workload partitioning by setting the value for cpuPartitioningMode to AllNodes. To complete the configuration, specify the isolated and reserved CPUs in the PerformanceProfile CR. The default value is None.

string

diskEncryption
optional

Enable or disable disk encryption for the cluster.

object

extraAnnotations
optional

Specify additional cluster-level annotations to be applied to the rendered templates by using the following format:

extraAnnotations:
  ClusterDeployment:
    myClusterAnnotation: success

object

extraLabels
optional

Specify additional cluster-level labels to be applied to the rendered templates by using the following format:

extraLabels:
  ManagedCluster:
    common: "true"
    label-a : "value-a"

object

extraManifestsRefs
optional

Specify the list of the ConfigMap object references that contain additional manifests to be applied to the cluster.

array

holdInstallation
optional

Set to true to prevent installation when using the Assisted Installer. You can complete the inspection and validation steps, but after the RequirementsMet condition becomes true, the installation does not begin until the holdInstallation field is set to false.

bool

ignitionConfigOverride
optional

Specify the user overrides for the initial Ignition configuration.

string

installConfigOverrides
optional

Define install configuration parameters.

string

machineNetwork
optional

Specify the list of the IP address pools for machines.

array

networkType
optional

Specify the Container Network Interface (CNI) plugin to install. The default value is OpenShiftSDN for IPv4, and OVNKubernetes for IPv6 or single-node OpenShift clusters.

string

platformType
optional

Define the name of the specific platform on which you want to install. The following values are supported:

  • BareMetal
  • VSphere
  • Nutanix
  • External
  • ""
  • None

string

proxy
optional

Define the proxy settings used for the install configuration of the cluster.

object

pruneManifests
optional

Define a list of cluster-level manifests to remove by specifying their apiVersion and Kind values.

array

pullSecretRef
required

Configure the pull-secret file for pulling images. When creating the pull-secret file, use the same namespace as the ClusterInstance CR that provisions the host.

object

serviceNetwork
optional

Specify the list of the IP address pools for services.

array

sshPublicKey
optional

Specify the public Secure Shell (SSH) key to provide access to instances. This key is added to the host to allow SSH access.

string

nodes
required

Specify the configuration parameters for each node.

nodes array

templateRefs
required

Specify the list of the references to cluster-level templates. A cluster-level template consists of a ConfigMap object, in which the keys of the data field represent the kind of the installation manifests. Cluster-level templates are instantiated once per cluster in the ClusterInstance CR.

array

nodes

NameDescriptionSchema

automatedCleaningMode
optional

Set the value to metadata to enable the removal of the disk’s partitioning table only, without fully wiping the disk. The default value is disabled.

string

bmcAddress
required

BMC address that you use to access the host. Applies to all cluster types. For more information about BMC addressing, see BMC addressing in Additional resources. Note: In far edge Telco use cases, only virtual media is supported for use with GitOps ZTP.

string

bmcCredentialsName
required

Configure the bmh-secret CR that you separately create with the host BMC credentials. When creating the bmh-secret CR, use the same namespace as the ClusterInstance CR that provisions the host.

string

bootMACAddress
required

Specify the MAC address that PXE boots. It is required for libvirt VMs driven by virtual BMC.

string

bootMode
optional

Set the boot mode for the host to UEFI. The default value is UEFI. Use UEFISecureBoot to enable secure boot on the host. The following values are supported:

  • UEFI
  • UEFISecureBoot
  • legacy

string

extraAnnotations
optional

Specify additional node-level annotations to be applied to the rendered templates by using the following format:

extraAnnotations:
  BareMetalHost:
    myNodeAnnotation: success

object

extraLabels
optional

Specify additional node-level labels to be applied to the rendered templates.

extraLabels:
  ManagedCluster:
    common: "true"
    label-a : "value-a"

object

hostName
required

Define the host name.

string

installerArgs
optional

Specify the user overrides for the host’s :op-system-first: installer arguments.

string

ignitionConfigOverride
optional

Specify the user overrides for the initial Ignition configuration. Use this field to assign partitions for persistent storage. Adjust disk ID and size to the specific hardware.

string

ironicInspect
optional

Specify if automatic introspection runs during registration of the bare metal host.

string

nodeLabels
optional

Specify custom node labels for your nodes in your managed clusters. These are additional labels that are not used by any Red Hat Advanced Cluster Management components, only by the user. When you add a custom node label, it can be associated with a custom machine config pool that references a specific configuration for that label. Adding custom node labels during installation makes the deployment process more effective and prevents the need for additional reboots after the installation is complete.

Note: When used in the BareMetalHost template, the custom labels are appended to the BareMetalHost annotations with the bmac.agent-install.openshift.io prefix.

object

nodeNetwork
optional

Configure the network settings for nodes that have static networks.

object

pruneManifests
optional

Define a list of node-level manifests to remove by specifying their apiVersion and Kind values.

array

role
optional

Configure the role of the node, such as master or worker.

string

rootDeviceHints
optional

Specify the device for deployment. Identifiers that are stable across reboots are recommended. For example, wwn: <disk_wwn> or deviceName: /dev/disk/by-path/<device_path>. <by-path> values are preferred. For a detailed list of stable identifiers, see "About root device hints". You can also specify the name, model, size, or vendor of the device.

object

templateRefs
required

Specify the list of the references to node-level templates. A node-level template consists of a ConfigMap object, in which the keys of the data field represent the kind of the installation manifests. Node-level templates are instantiated once for each node in the ClusterInstance CR.

array

status

NameDescriptionSchema

conditions
optional

Lists the conditions that pertain to actions performed on the ClusterInstance resource.

conditions array

deploymentConditions
optional

Lists the hive status conditions that are associated with the ClusterDeployment resource.

deploymentConditions array

manifestsRendered
optional

Lists the manifests that have been rendered and their statuses.

array

observedGeneration
optional

Tracks the observed generation of the ClusterInstance object.

integer

conditions

TypeDescription

ClusterInstanceValidated

Indicates that the SiteConfig operator validated the ClusterInstance spec fields and verified that the required artifacts, such as secrets and extra manifest ConfigMaps objects are present.

RenderedTemplates

Indicates that SiteConfig operator successfully validated the referenced Golang cluster templates.

RenderedTemplatesValidated

Indicates that the SiteConfig operator rendered the installation manifests and the dry run was successful.

RenderedTemplatesApplied

Indicates that the SiteConfig operator created the installation manifests and the underlying Operators consumed them.

Provisioned

Indicates that the underlying Operators are provisioning the clusters.

deploymentConditions

TypeDescription

ClusterInstallRequirementsMet

Indicates that the installation can start.

ClusterInstallCompleted

Indicates that the cluster installation was successful.

ClusterInstallFailed

Indicates that the cluster installation failed.

ClusterInstallStopped

Indicates that the cluster installation stopped.

Additional resources

1.3. Clustersets API (v1beta2)

1.3.1. Overview

This documentation is for the ClusterSet resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterSet resource has four possible requests: create, query, delete, and update. The ManagedClusterSet defines a group of ManagedClusters. You can assign a ManagedCluster to a specific ManagedClusterSet by adding a label with the name cluster.open-cluster-management.io/clusterset on the ManagedCluster that refers to the ManagedClusterSet. You can only add or remove this label on a ManagedCluster when you have an RBAC rule that allows the create permissions on a virtual subresource of managedclustersets/join. You must have this permission on both the source and the target ManagedClusterSets to update this label.

1.3.1.1. Version information

Version : 2.12.0

1.3.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.3.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage Clustersets

1.3.2. Paths

1.3.2.1. Query all clustersets
GET /cluster.open-cluster-management.io/v1beta2/managedclustersets
1.3.2.1.1. Description

Query your Clustersets for more details.

1.3.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.3.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.3.2.1.4. Consumes
  • clusterset/yaml
1.3.2.1.5. Tags
  • cluster.open-cluster-management.io
1.3.2.2. Create a clusterset
POST /cluster.open-cluster-management.io/v1beta2/managedclustersets
1.3.2.2.1. Description

Create a Clusterset.

1.3.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the clusterset to be created.

Clusterset

1.3.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.3.2.2.4. Consumes
  • clusterset/yaml
1.3.2.2.5. Tags
  • cluster.open-cluster-management.io
1.3.2.2.6. Example HTTP request
1.3.2.2.6.1. Request body
{
  "apiVersion": "cluster.open-cluster-management.io/v1beta2",
  "kind": "ManagedClusterSet",
  "metadata": {
    "name": "clusterset1"
  },
  "spec": {
    "clusterSelector": {
      "selectorType": "ExclusiveClusterSetLabel"
    }
  },
  "status": {}
}
1.3.2.3. Query a single clusterset
GET /cluster.open-cluster-management.io/v1beta2/managedclustersets/{clusterset_name}
1.3.2.3.1. Description

Query a single clusterset for more details.

1.3.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterset_name
required

Name of the clusterset that you want to query.

string

1.3.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.3.2.3.4. Tags
  • cluster.open-cluster-management.io
1.3.2.4. Delete a clusterset
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersets/{clusterset_name}
1.3.2.4.1. Description

Delete a single clusterset.

1.3.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterset_name
required

Name of the clusterset that you want to delete.

string

1.3.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.3.2.4.4. Tags
  • cluster.open-cluster-management.io

1.3.3. Definitions

1.3.3.1. Clusterset
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

object

1.4. Clustersetbindings API (v1beta2)

1.4.1. Overview

This documentation is for the ClusterSetBinding resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterSetBinding resource has four possible requests: create, query, delete, and update. ManagedClusterSetBinding projects a ManagedClusterSet into a certain namespace. You can create a ManagedClusterSetBinding in a namespace and bind it to a ManagedClusterSet if you have an RBAC rule that allows you to create on the virtual subresource of managedclustersets/bind.

1.4.1.1. Version information

Version : 2.12.0

1.4.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.4.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage clustersetbindings

1.4.2. Paths

1.4.2.1. Query all clustersetbindings
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings
1.4.2.1.1. Description

Query your clustersetbindings for more details.

1.4.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.4.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.4.2.1.4. Consumes
  • clustersetbinding/yaml
1.4.2.1.5. Tags
  • cluster.open-cluster-management.io
1.4.2.2. Create a clustersetbinding
POST /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings
1.4.2.2.1. Description

Create a clustersetbinding.

1.4.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the clustersetbinding to be created.

Clustersetbinding

1.4.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.4.2.2.4. Consumes
  • clustersetbinding/yaml
1.4.2.2.5. Tags
  • cluster.open-cluster-management.io
1.4.2.2.6. Example HTTP request
1.4.2.2.6.1. Request body
{
  "apiVersion" : "cluster.open-cluster-management.io/v1beta2",
  "kind" : "ManagedClusterSetBinding",
  "metadata" : {
    "name" : "clusterset1",
    "namespace" : "ns1"
  },
 "spec": {
    "clusterSet": "clusterset1"
  },
  "status" : { }
}
1.4.2.3. Query a single clustersetbinding
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersetbindings/{clustersetbinding_name}
1.4.2.3.1. Description

Query a single clustersetbinding for more details.

1.4.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

clustersetbinding_name
required

Name of the clustersetbinding that you want to query.

string

1.4.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.4.2.3.4. Tags
  • cluster.open-cluster-management.io
1.4.2.4. Delete a clustersetbinding
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersetbindings/{clustersetbinding_name}
1.4.2.4.1. Description

Delete a single clustersetbinding.

1.4.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

clustersetbinding_name
required

Name of the clustersetbinding that you want to delete.

string

1.4.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.4.2.4.4. Tags
  • cluster.open-cluster-management.io

1.4.3. Definitions

1.4.3.1. Clustersetbinding
NameDescriptionSchema

apiVersion
required

Versioned schema of the ManagedClusterSetBinding.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the ManagedClusterSetBinding.

object

spec
required

Specification of the ManagedClusterSetBinding.

spec

spec

NameDescriptionSchema

clusterSet
required

Name of the ManagedClusterSet to bind. It must match the instance name of the ManagedClusterSetBinding and cannot change after it is created.

string

1.5. Clusterview API (v1alpha1)

1.5.1. Overview

This documentation is for the clusterview resource for Red Hat Advanced Cluster Management for Kubernetes. The clusterview resource provides a CLI command that enables you to view a list of the managed clusters and managed cluster sets that that you can access. The three possible requests are: list, get, and watch.

1.5.1.1. Version information

Version : 2.12.0

1.5.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.5.1.3. Tags
  • clusterview.open-cluster-management.io : View a list of managed clusters that your ID can access.

1.5.2. Paths

1.5.2.1. Get managed clusters
GET /managedclusters.clusterview.open-cluster-management.io
1.5.2.1.1. Description

View a list of the managed clusters that you can access.

1.5.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.5.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.5.2.1.4. Consumes
  • managedcluster/yaml
1.5.2.1.5. Tags
  • clusterview.open-cluster-management.io
1.5.2.2. List managed clusters
LIST /managedclusters.clusterview.open-cluster-management.io
1.5.2.2.1. Description

View a list of the managed clusters that you can access.

1.5.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
optional

Name of the user ID for which you want to list the managed clusters.

string

1.5.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.5.2.2.4. Consumes
  • managedcluster/yaml
1.5.2.2.5. Tags
  • clusterview.open-cluster-management.io
1.5.2.2.6. Example HTTP request
1.5.2.2.6.1. Request body
{
  "apiVersion" : "clusterview.open-cluster-management.io/v1alpha1",
  "kind" : "ClusterView",
  "metadata" : {
    "name" : "<user_ID>"
  },
  "spec": { },
  "status" : { }
}
1.5.2.3. Watch the managed cluster sets
WATCH /managedclusters.clusterview.open-cluster-management.io
1.5.2.3.1. Description

Watch the managed clusters that you can access.

1.5.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterview_name
optional

Name of the user ID that you want to watch.

string

1.5.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.5.2.4. List the managed cluster sets.
GET /managedclustersets.clusterview.open-cluster-management.io
1.5.2.4.1. Description

List the managed clusters that you can access.

1.5.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterview_name
optional

Name of the user ID that you want to watch.

string

1.5.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.5.2.5. List the managed cluster sets.
LIST /managedclustersets.clusterview.open-cluster-management.io
1.5.2.5.1. Description

List the managed clusters that you can access.

1.5.2.5.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterview_name
optional

Name of the user ID that you want to watch.

string

1.5.2.5.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.5.2.6. Watch the managed cluster sets.
WATCH /managedclustersets.clusterview.open-cluster-management.io
1.5.2.6.1. Description

Watch the managed clusters that you can access.

1.5.2.6.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clusterview_name
optional

Name of the user ID that you want to watch.

string

1.5.2.6.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.6. Channels API

1.6.1. Overview

This documentation is for the Channel resource for Red Hat Advanced Cluster Management for Kubernetes. The Channel resource has four possible requests: create, query, delete and update.

1.6.1.1. Version information

Version : 2.12.0

1.6.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.6.1.3. Tags
  • channels.apps.open-cluster-management.io : Create and manage deployables

1.6.2. Paths

1.6.2.1. Create a channel
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels
1.6.2.1.1. Description

Create a channel.

1.6.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the deployable to be created.

Channel

1.6.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.6.2.1.4. Consumes
  • application/yaml
1.6.2.1.5. Tags
  • channels.apps.open-cluster-management.io
1.6.2.1.6. Example HTTP request
1.6.2.1.6.1. Request body
{
  "apiVersion": "apps.open-cluster-management.io/v1",
  "kind": "Channel",
  "metadata": {
    "name": "sample-channel",
    "namespace": "default"
  },
  "spec": {
    "configMapRef": {
      "kind": "configmap",
      "name": "bookinfo-resource-filter-configmap"
    },
    "pathname": "https://charts.helm.sh/stable",
    "type": "HelmRepo"
  }
}
1.6.2.2. Query all channels for the target namespace
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels
1.6.2.2.1. Description

Query your channels for more details.

1.6.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.6.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.6.2.2.4. Consumes
  • application/yaml
1.6.2.2.5. Tags
  • channels.apps.open-cluster-management.io
1.6.2.3. Query a single channels of a namespace
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels/{channel_name}
1.6.2.3.1. Description

Query a single channels for more details.

1.6.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

channel_name
required

Name of the deployable that you wan to query.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.6.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.6.2.3.4. Tags
  • channels.apps.open-cluster-management.io
1.6.2.4. Delete a Channel
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/channels/{channel_name}
1.6.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

channel_name
required

Name of the Channel that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.6.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.6.2.4.3. Tags
  • channels.apps.open-cluster-management.io

1.6.3. Definitions

1.6.3.1. Channel
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

object

spec
required

spec

spec

NameDescriptionSchema

configMapRef
optional

ObjectReference contains enough information to let you inspect or modify the referred object.

configMapRef

gates
optional

ChannelGate defines criteria for promote to channel

gates

pathname
required

 

string

secretRef
optional

ObjectReference contains enough information to let you inspect or modify the referred object.

secretRef

sourceNamespaces
optional

 

enum (Namespace, HelmRepo, ObjectBucket, Git, namespace, helmrepo, objectbucket, github) array

configMapRef

NameDescriptionSchema

apiVersion
optional

API version of the referent.

string

fieldPath
optional

If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.

string

kind
optional

Kind of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/

name
optional

Name of the referent. More info: Names

string

namespace
optional

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

string

resourceVersion
optional

Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency

string

uid
optional

gates

NameDescriptionSchema

annotations
optional

typical annotations of k8s

annotations

labelSelector
optional

A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.

labelSelector

name
optional

 

string

annotations

NameSchema

key
optional

string

value
optional

string

labelSelector

NameDescriptionSchema

matchExpressions
optional

matchExpressions is a list of label selector requirements. The requirements are ANDed.

matchExpressions array

matchLabels
optional

matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

string, string map

matchExpressions

NameDescriptionSchema

key
required

key is the label key that the selector applies to.

string

operator
required

operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

string

values
optional

values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

string array

secretRef

NameDescriptionSchema

apiVersion
optional

API version of the referent.

string

fieldPath
optional

If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.

string

kind
optional

Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

string

name
optional

Name of the referent. More info: Names

string

namespace
optional

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

string

resourceVersion
optional

Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency

string

uid
optional

UID of the referent. More info: UIIDs

string

1.7. Subscriptions API

1.7.1. Overview

This documentation is for the Subscription resource for Red Hat Advanced Cluster Management for Kubernetes. The Subscription resource has four possible requests: create, query, delete and update. Deprecated: PlacementRule

1.7.1.1. Version information

Version : 2.12.0

1.7.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.7.1.3. Tags
  • subscriptions.apps.open-cluster-management.io : Create and manage subscriptions

1.7.2. Paths

1.7.2.1. Create a subscription
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions
1.7.2.1.1. Description

Create a subscription.

1.7.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the subscription to be created.

Subscription

1.7.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.7.2.1.4. Consumes
  • subscription/yaml
1.7.2.1.5. Tags
  • subscriptions.apps.open-cluster-management.io
1.7.2.1.6. Example HTTP request
1.7.2.1.6.1. Request body
{
  "apiVersion" : "apps.open-cluster-management.io/v1",
  "kind" : "Subscription",
  "metadata" : {
    "name" : "sample_subscription",
    "namespace" : "default",
    "labels" : {
      "app" : "sample_subscription-app"
    },
    "annotations" : {
      "apps.open-cluster-management.io/git-path" : "apps/sample/",
      "apps.open-cluster-management.io/git-branch" : "sample_branch"
    }
  },
  "spec" : {
    "channel" : "channel_namespace/sample_channel",
    "packageOverrides" : [ {
      "packageName" : "my-sample-application",
      "packageAlias" : "the-sample-app",
      "packageOverrides" : [ {
        "path" : "spec",
        "value" : {
          "persistence" : {
            "enabled" : false,
            "useDynamicProvisioning" : false
          },
          "license" : "accept",
          "tls" : {
            "hostname" : "my-mcm-cluster.icp"
          },
          "sso" : {
            "registrationImage" : {
              "pullSecret" : "hub-repo-docker-secret"
            }
          }
        }
      } ]
    } ],
    "placement" : {
      "placementRef" : {
        "kind" : "PlacementRule",
        "name" : "demo-clusters"
      }
    }
  }
}
1.7.2.2. Query all subscriptions
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions
1.7.2.2.1. Description

Query your subscriptions for more details.

1.7.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.7.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.7.2.2.4. Consumes
  • subscription/yaml
1.7.2.2.5. Tags
  • subscriptions.apps.open-cluster-management.io
1.7.2.3. Query a single subscription
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions/{subscription_name}
1.7.2.3.1. Description

Query a single subscription for more details.

1.7.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

subscription_name
required

Name of the subscription that you wan to query.

string

1.7.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.7.2.3.4. Tags
  • subscriptions.apps.open-cluster-management.io
1.7.2.4. Delete a subscription
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/subscriptions/{subscription_name}
1.7.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

subscription_name
required

Name of the subscription that you want to delete.

string

1.7.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.7.2.4.3. Tags
  • subscriptions.apps.open-cluster-management.io

1.7.3. Definitions

1.7.3.1. Subscription
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

metadata

spec
required

spec

status
optional

status

metadata

NameSchema

annotations
optional

object

labels
optional

object

name
optional

string

namespace
optional

string

spec

NameSchema

channel
required

string

name
optional

string

overrides
optional

overrides array

packageFilter
optional

packageFilter

packageOverrides
optional

packageOverrides array

placement
optional

placement

timewindow
optional

timewindow

overrides

NameSchema

clusterName
required

string

clusterOverrides
required

object array

packageFilter

NameDescriptionSchema

annotations
optional

 

string, string map

filterRef
optional

 

filterRef

labelSelector
optional

 

labelSelector

version
optional

Pattern : "()((\\.[0-9])(\\.)|(\\.[0-9])?(\\.[xX]))$"

string

filterRef

NameSchema

name
optional

string

labelSelector

NameSchema

matchExpressions
optional

matchExpressions array

matchLabels
optional

string, string map

matchExpressions

NameSchema

key
required

string

operator
required

string

values
optional

string array

packageOverrides

NameSchema

packageAlias
optional

string

packageName
required

string

packageOverrides
optional

object array

placement

NameSchema

clusterSelector
optional

clusterSelector

clusters
optional

clusters array

local
optional

boolean

placementRef
optional

placementRef

clusterSelector

NameSchema

matchExpressions
optional

matchExpressions array

matchLabels
optional

string, string map

matchExpressions

NameSchema

key
required

string

operator
required

string

values
optional

string array

clusters

NameSchema

name
required

string

placementRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

timewindow

NameSchema

daysofweek
optional

string array

hours
optional

hours array

location
optional

string

windowtype
optional

enum (active, blocked, Active, Blocked)

hours

NameSchema

end
optional

string

start
optional

string

status

NameSchema

lastUpdateTime
optional

string (date-time)

message
optional

string

phase
optional

string

reason
optional

string

statuses
optional

object

1.8. PlacementRules API (deprecated)

1.8.1. Overview

This documentation is for the PlacementRule resource for Red Hat Advanced Cluster Management for Kubernetes. The PlacementRule resource has four possible requests: create, query, delete and update.

1.8.1.1. Version information

Version : 2.12.0

1.8.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.8.1.3. Tags
  • placementrules.apps.open-cluster-management.io : Create and manage placement rules

1.8.2. Paths

1.8.2.1. Create a placement rule
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules
1.8.2.1.1. Description

Create a placement rule.

1.8.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the placement rule to be created.

PlacementRule

1.8.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.8.2.1.4. Consumes
  • application/yaml
1.8.2.1.5. Tags
  • placementrules.apps.open-cluster-management.io
1.8.2.1.6. Example HTTP request
1.8.2.1.6.1. Request body
{
  "apiVersion" : "apps.open-cluster-management.io/v1",
  "kind" : "PlacementRule",
  "metadata" : {
    "name" : "towhichcluster",
    "namespace" : "ns-sub-1"
  },
  "spec" : {
    "clusterConditions" : [ {
      "type": "ManagedClusterConditionAvailable",
      "status": "True"
    } ],
    "clusterSelector" : { }
  }
}
1.8.2.2. Query all placement rules
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules
1.8.2.2.1. Description

Query your placement rules for more details.

1.8.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.8.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.8.2.2.4. Consumes
  • application/yaml
1.8.2.2.5. Tags
  • placementrules.apps.open-cluster-management.io
1.8.2.3. Query a single placementrule
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules/{placementrule_name}
1.8.2.3.1. Description

Query a single placement rule for more details.

1.8.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

placementrule_name
required

Name of the placementrule that you want to query.

string

1.8.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.8.2.3.4. Tags
  • placementrules.apps.open-cluster-management.io
1.8.2.4. Delete a placementrule
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/placementrules/{placementrule_name}
1.8.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

placementrule_name
required

Name of the placementrule that you want to delete.

string

1.8.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.8.2.4.3. Tags
  • placementrules.apps.open-cluster-management.io

1.8.3. Definitions

1.8.3.1. Placementrule
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

object

spec
required

spec

spec

NameSchema

clusterConditions
optional

clusterConditions array

clusterReplicas
optional

integer

clusterSelector
optional

clusterSelector

clusters
optional

clusters array

policies
optional

policies array

resourceHint
optional

resourceHint

schedulerName
optional

string

clusterConditions

NameSchema

status
optional

string

type
optional

string

clusterSelector

NameSchema

matchExpressions
optional

matchExpressions array

matchLabels
optional

string, string map

matchExpressions

NameSchema

key
optional

string

operator
optional

string

values
optional

string array

clusters

NameSchema

name
optional

string

policies

NameSchema

apiVersion
optional

string

fieldPath
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

resourceHint

NameSchema

order
optional

string

type
optional

string

1.9. Applications API

1.9.1. Overview

This documentation is for the Application resource for Red Hat Advanced Cluster Management for Kubernetes. Application resource has four possible requests: create, query, delete and update.

1.9.1.1. Version information

Version : 2.12.0

1.9.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.9.1.3. Tags
  • applications.app.k8s.io : Create and manage applications

1.9.2. Paths

1.9.2.1. Create a application
POST /app.k8s.io/v1beta1/namespaces/{namespace}/applications
1.9.2.1.1. Description

Create a application.

1.9.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the application to be created.

Application

1.9.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.9.2.1.4. Consumes
  • application/yaml
1.9.2.1.5. Tags
  • applications.app.k8s.io
1.9.2.1.6. Example HTTP request
1.9.2.1.6.1. Request body
{
  "apiVersion" : "app.k8s.io/v1beta1",
  "kind" : "Application",
  "metadata" : {
    "labels" : {
      "app" : "nginx-app-details"
    },
    "name" : "nginx-app-3",
    "namespace" : "ns-sub-1"
  },
  "spec" : {
    "componentKinds" : [ {
      "group" : "apps.open-cluster-management.io",
      "kind" : "Subscription"
    } ]
  },
  "selector" : {
    "matchLabels" : {
      "app" : "nginx-app-details"
    }
  },
  "status" : { }
}
1.9.2.2. Query all applications
GET /app.k8s.io/v1beta1/namespaces/{namespace}/applications
1.9.2.2.1. Description

Query your applications for more details.

1.9.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.9.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.9.2.2.4. Consumes
  • application/yaml
1.9.2.2.5. Tags
  • applications.app.k8s.io
1.9.2.3. Query a single application
GET /app.k8s.io/v1beta1/namespaces/{namespace}/applications/{application_name}
1.9.2.3.1. Description

Query a single application for more details.

1.9.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the application that you wan to query.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.9.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.9.2.3.4. Tags
  • applications.app.k8s.io
1.9.2.4. Delete a application
DELETE /app.k8s.io/v1beta1/namespaces/{namespace}/applications/{application_name}
1.9.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the application that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.9.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.9.2.4.3. Tags
  • applications.app.k8s.io

1.9.3. Definitions

1.9.3.1. Application
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

object

spec
required

spec

spec

NameSchema

assemblyPhase
optional

string

componentKinds
optional

object array

descriptor
optional

descriptor

info
optional

info array

selector
optional

object

descriptor

NameSchema

description
optional

string

icons
optional

icons array

keywords
optional

string array

links
optional

links array

maintainers
optional

maintainers array

notes
optional

string

owners
optional

owners array

type
optional

string

version
optional

string

icons

NameSchema

size
optional

string

src
required

string

type
optional

string

NameSchema

description
optional

string

url
optional

string

maintainers

NameSchema

email
optional

string

name
optional

string

url
optional

string

owners

NameSchema

email
optional

string

name
optional

string

url
optional

string

info

NameSchema

name
optional

string

type
optional

string

value
optional

string

valueFrom
optional

valueFrom

valueFrom

NameSchema

configMapKeyRef
optional

configMapKeyRef

ingressRef
optional

ingressRef

secretKeyRef
optional

secretKeyRef

serviceRef
optional

serviceRef

type
optional

string

configMapKeyRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

key
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

ingressRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

host
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

path
optional

string

resourceVersion
optional

string

uid
optional

string

secretKeyRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

key
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

serviceRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

path
optional

string

port
optional

integer (int32)

resourceVersion
optional

string

uid
optional

string

1.10. Helm API

1.10.1. Overview

This documentation is for the HelmRelease resource for Red Hat Advanced Cluster Management for Kubernetes. The HelmRelease resource has four possible requests: create, query, delete and update.

1.10.1.1. Version information

Version : 2.12.0

1.10.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.10.1.3. Tags
  • helmreleases.apps.open-cluster-management.io : Create and manage helmreleases

1.10.2. Paths

1.10.2.1. Create a helmrelease
POST /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases
1.10.2.1.1. Description

Create a helmrelease.

1.10.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the helmrelease to be created.

HelmRelease

1.10.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.10.2.1.4. Consumes
  • application/yaml
1.10.2.1.5. Tags
  • helmreleases.apps.open-cluster-management.io
1.10.2.1.6. Example HTTP request
1.10.2.1.6.1. Request body
{
  "apiVersion" : "apps.open-cluster-management.io/v1",
  "kind" : "HelmRelease",
  "metadata" : {
    "name" : "nginx-ingress",
    "namespace" : "default"
  },
  "repo" : {
    "chartName" : "nginx-ingress",
    "source" : {
      "helmRepo" : {
        "urls" : [ "https://kubernetes-charts.storage.googleapis.com/nginx-ingress-1.26.0.tgz" ]
      },
      "type" : "helmrepo"
    },
    "version" : "1.26.0"
  },
  "spec" : {
    "defaultBackend" : {
      "replicaCount" : 3
    }
  }
}
1.10.2.2. Query all helmreleases
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases
1.10.2.2.1. Description

Query your helmreleases for more details.

1.10.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.10.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.10.2.2.4. Consumes
  • application/yaml
1.10.2.2.5. Tags
  • helmreleases.apps.open-cluster-management.io
1.10.2.3. Query a single helmrelease
GET /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases/{helmrelease_name}
1.10.2.3.1. Description

Query a single helmrelease for more details.

1.10.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

helmrelease_name
required

Name of the helmrelease that you wan to query.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.10.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.10.2.3.4. Tags
  • helmreleases.apps.open-cluster-management.io
1.10.2.4. Delete a helmrelease
DELETE /apps.open-cluster-management.io/v1/namespaces/{namespace}/helmreleases/{helmrelease_name}
1.10.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

helmrelease_name
required

Name of the helmrelease that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.10.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.10.2.4.3. Tags
  • helmreleases.apps.open-cluster-management.io

1.10.3. Definitions

1.10.3.1. HelmRelease
NameSchema

apiVersion
required

string

kind
required

string

metadata
required

object

repo
required

repo

spec
required

object

status
required

status

repo

NameSchema

chartName
optional

string

configMapRef
optional

configMapRef

secretRef
optional

secretRef

source
optional

source

version
optional

string

configMapRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

secretRef

NameSchema

apiVersion
optional

string

fieldPath
optional

string

kind
optional

string

name
optional

string

namespace
optional

string

resourceVersion
optional

string

uid
optional

string

source

NameSchema

github
optional

github

helmRepo
optional

helmRepo

type
optional

string

github

NameSchema

branch
optional

string

chartPath
optional

string

urls
optional

string array

helmRepo

NameSchema

urls
optional

string array

status

NameSchema

conditions
required

conditions array

deployedRelease
optional

deployedRelease

conditions

NameSchema

lastTransitionTime
optional

string (date-time)

message
optional

string

reason
optional

string

status
required

string

type
required

string

deployedRelease

NameSchema

manifest
optional

string

name
optional

string

1.11. Policy API

1.11.1. Overview

This documentation is for the Policy resource for Red Hat Advanced Cluster Management for Kubernetes. The Policy resource has four possible requests: create, query, delete and update.

1.11.1.1. Version information

Version : 2.12.0

1.11.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.11.1.3. Tags
  • policy.open-cluster-management.io/v1 : Create and manage policies

1.11.2. Paths

1.11.2.1. Create a policy
POST /policy.open-cluster-management.io/v1/v1alpha1/namespaces/{namespace}/policies/{policy_name}
1.11.2.1.1. Description

Create a policy.

1.11.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the policy to be created.

Policy

1.11.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.11.2.1.4. Consumes
  • application/json
1.11.2.1.5. Tags
  • policy.open-cluster-management.io
1.11.2.1.6. Example HTTP request
1.11.2.1.6.1. Request body
{
  "apiVersion": "policy.open-cluster-management.io/v1",
  "kind": "Policy",
  "metadata": {
    "name": "test-policy-swagger",
    "description": "Example body for Policy API Swagger docs"
  },
  "spec": {
    "remediationAction": "enforce",
    "customMessage": {
      "compliant": [],
      "noncompliant": []
    },
    "namespaces": {
      "include": [
        "default"
      ],
      "exclude": [
        "kube*"
      ]
    },
    "policy-templates": {
    "kind": "ConfigurationPolicy",
    "apiVersion": "policy.open-cluster-management.io/v1",
    "complianceType": "musthave",
    "metadataComplianceType": "musthave",
    "metadata": {
      "namespace": null,
      "name": "test-role"
    },
    "selector": {
      "matchLabels": {
        "cloud": "IBM"
      }
    },
    "spec" : {
      "object-templates": {
        "complianceType": "musthave",
        "metadataComplianceType": "musthave",
        "objectDefinition": {
          "apiVersion": "rbac.authorization.k8s.io/v1",
          "kind": "Role",
          "metadata": {
            "name": "role-policy",
          },
          "rules": [
            {
              "apiGroups": [
                "extensions",
                "apps"
              ],
              "resources": [
                "deployments"
              ],
              "verbs": [
                "get",
                "list",
                "watch",
                "delete"
              ]
            },
            {
              "apiGroups": [
                "core"
              ],
              "resources": [
                "pods"
              ],
              "verbs": [
                "create",
                "update",
                "patch"
              ]
            },
            {
              "apiGroups": [
                "core"
              ],
              "resources": [
                "secrets"
              ],
              "verbs": [
                "get",
                "watch",
                "list",
                "create",
                "delete",
                "update",
                "patch"
              ],
            },
          ],
        },
      },
    },
  },
1.11.2.2. Query all policies
GET /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.2.1. Description

Query your policies for more details.

1.11.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to apply the policy to, for example, default.

string

1.11.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.11.2.2.4. Consumes
  • application/json
1.11.2.2.5. Tags
  • policy.open-cluster-management.io
1.11.2.3. Query a single policy
GET /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.3.1. Description

Query a single policy for more details.

1.11.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

policy_name
required

Name of the policy that you want to query.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.11.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.11.2.3.4. Tags
  • policy.open-cluster-management.io
1.11.2.4. Delete a policy
DELETE /policy.open-cluster-management.io/v1/namespaces/{namespace}/policies/{policy_name}
1.11.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

policy_name
required

Name of the policy that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.11.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.11.2.4.3. Tags
  • policy.open-cluster-management.io

1.11.3. Definitions

1.11.3.1. Policy
NameDescriptionSchema

apiVersion
required

The versioned schema of Policy.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Describes rules that define the policy.

object

spec

NameDescriptionSchema

remediationAction
optional

Value that represents how violations are handled as defined in the resource.

string

customMessage
optional

Parameter field where you can configure custom messages from your configuration policies, based on the compliance status. You can use the default message from the .DefaultMessage parameter and .Policy object variable of the current state of the policy from the configuration policy controller. The state of each related object is available at the .Policy.status.relatedObjects[*].object parameter section of the configuration policy controller. If you set an evaluationInterval, only identifiable information is available.

string

namespaceSelector
required

Value that represents which namespaces the policy is applied.

string

policy-templates

NameDescriptionSchema

apiVersion
required

The versioned schema of Policy.

string

kind
optional

String value that represents the REST resource.

string

metadata
required

Describes rules that define the policy.

object

complianceType

Used to list expected behavior for roles and other Kubernetes object that must be evaluated or applied to the managed clusters.

string

metadataComplianceType
optional

Provides a way for users to process labels and annotations of an object differently than the other fields. The parameter value defaults to the same value of the ComplianceType parameter.

string

clusterConditions
optional

Section to define labels.

string

rules
optional

 

string

clusterConditions

NameDescriptionSchema

matchLabels
optional

The label that is required for the policy to be applied to a namespace.

object

cloud
optional

The label that is required for the policy to be applied to a cloud provider.

string

rules

NameDescriptionSchema

apiGroups
required

List of APIs that the rule applies to.

string

resources
required

A list of resource types.

object

verbs
required

A list of verbs.

string

1.12. Observability API

1.12.1. Overview

This documentation is for the MultiClusterObservability resource for Red Hat Advanced Cluster Management for Kubernetes. The MultiClusterObservability resource has four possible requests: create, query, delete and update.

1.12.1.1. Version information

Version : 2.12.0

1.12.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.12.1.3. Tags
  • observability.open-cluster-management.io : Create and manage multiclusterobservabilities

1.12.2. Paths

1.12.2.1. Create a multiclusterobservability resource
POST /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities
1.12.2.1.1. Description

Create a MultiClusterObservability resource.

1.12.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the MultiClusterObservability resource to be created.

MultiClusterObservability

1.12.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.12.2.1.4. Consumes
  • application/yaml
1.12.2.1.5. Tags
  • observability.apps.open-cluster-management.io
1.12.2.1.6. Example HTTP request
1.12.2.1.6.1. Request body
{
  "apiVersion": "observability.open-cluster-management.io/v1beta2",
  "kind": "MultiClusterObservability",
  "metadata": {
    "name": "example"
  },
  "spec": {
    "observabilityAddonSpec": {}
    "storageConfig": {
      "metricObjectStorage": {
        "name": "thanos-object-storage",
        "key": "thanos.yaml"
      "writeStorage": {
        - "key": " ",
          "name" : " "
        - "key": " ",
          "name" : " "
         }
       }
   }
}
1.12.2.2. Query all multiclusterobservabilities
GET /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities
1.12.2.2.1. Description

Query your MultiClusterObservability resources for more details.

1.12.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.12.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.12.2.2.4. Consumes
  • application/yaml
1.12.2.2.5. Tags
  • observability.apps.open-cluster-management.io
1.12.2.3. Query a single multiclusterobservability
GET /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities/{multiclusterobservability_name}
1.12.2.3.1. Description

Query a single MultiClusterObservability resource for more details.

1.12.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

multiclusterobservability_name
required

Name of the multiclusterobservability that you want to query.

string

1.12.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.12.2.3.4. Tags
  • observability.apps.open-cluster-management.io
1.12.2.4. Delete a multiclusterobservability resource
DELETE /apis/observability.open-cluster-management.io/v1beta2/multiclusterobservabilities/{multiclusterobservability_name}
1.12.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

multiclusterobservability_name
required

Name of the multiclusterobservability that you want to delete.

string

1.12.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.12.2.4.3. Tags
  • observability.apps.open-cluster-management.io

1.12.3. Definitions

1.12.3.1. MultiClusterObservability
NameDescriptionSchema

apiVersion
required

The versioned schema of the MultiClusterObservability.

string

kind
required

String value that represents the REST resource, MultiClusterObservability.

string

metadata
required

Describes rules that define the policy.

object

spec

NameDescriptionSchema

enableDownsampling
optional

Enable or disable the downsample. Default value is true. If there is no downsample data, the query is unavailable.

boolean

imagePullPolicy
optional

Pull policy for the MultiClusterObservability images. The default value is Always.

corev1.PullPolicy

imagePullSecret
optional

Pull secret for the MultiClusterObservability images. The default value is multiclusterhub-operator-pull-secret

string

nodeSelector
optional

Specification of the node selector.

map[string]string

observabilityAddonSpec
required

The global settings for all managed clusters, which have the observability add-on installed.

observabilityAddonSpec

storageConfig
required

Specifies the storage configuration to be used by observability.

StorageConfig

tolerations
optional

Provided the ability for all components to tolerate any taints.

[]corev1.Toleration

advanced
optional

The advanced configuration settings for observability.

advanced

resources
optional

Compute resources required by MultiClusterObservability.

corev1.ResourceRequirements

replicas
optional

Replicas for MultiClusterObservability.

integer

storageConfig

NameDescriptionSchema

alertmanagerStorageSize
optional

The amount of storage applied to the alertmanager stateful sets. Default value is 1Gi.

string

compactStorageSize
optional

The amount of storage applied to the thanos compact stateful sets. Default value is 100Gi.

string

metricObjectStorage
required

Object store to configure secrets for metrics.

metricObjectStorage

receiveStorageSize
optional

The amount of storage applied to thanos receive stateful sets. Default value is 100Gi.

string

ruleStorageSize
optional

The amount of storage applied to thanos rule stateful sets. Default value is 1Gi.

string

storageClass
optional

Specify the storageClass stateful sets. This storage is used for the object storage if metricObjectStorage is configured for your operating system to create storage. Default value is gp2.

string

storeStorageSize
optional

The amount of storage applied to thanos store stateful sets. Default value is 10Gi.

string

writeStorage
optional

A list of endpoint access information.

[ ]WriteStorage

writeStorage

NameDescriptionSchema

name
required

The name of the secret with endpoint access information.

string

key
required

The key of the secret to select from.

string

metricObjectStorage

NameDescriptionSchema

key
required

The key of the secret to select from. Must be a valid secret key. See Thanos documentation.

string

name
required

Name of the metricObjectStorage. See Kubernetes Names for more information.

string

observabilityAddonSpec

NameDescriptionSchema

enableMetrics
optional

Indicates if the observability add-on sends metrics to the hub cluster. Default value is true.

boolean

interval
optional

Interval for when the observability add-on sends metrics to the hub cluster. Default value is 300 seconds (300s).

integer

resources
optional

Resource for the metrics collector resource requirement. The default CPU request is 100m, memory request is 100Mi.

corev1.ResourceRequirements

advanced

NameDescriptionSchema

retentionConfig
optional

Specifies the data retention configuration to be used by observability.

RetentionConfig

rbacQueryProxy
optional

Specifies the replicas and resources for the rbac-query-proxy deployment.

CommonSpec

grafana
optional

Specifies the replicas and resources for the grafana deployment

CommonSpec

alertmanager
optional

Specifies the replicas and resources for alertmanager statefulset.

CommonSpec

observatoriumAPI
optional

Specifies the replicas and resources for the observatorium-api deployment.

CommonSpec

queryFrontend
optional

Specifies the replicas and resources for the query-frontend deployment.

CommonSpec

query
optional

Specifies the replicas and resources for the query deployment.

CommonSpec

receive
optional

Specifies the replicas and resources for the receive statefulset.

CommonSpec

rule
optional

Specifies the replicas and resources for rule statefulset.

CommonSpec

store
optional

Specifies the replicas and resources for the store statefulset.

CommonSpec

CompactSpec
optional

Specifies the resources for compact statefulset.

compact

storeMemcached
optional

Specifies the replicas, resources, etc. for store-memcached.

storeMemcached

queryFrontendMemcached
optional

Specifies the replicas, resources, etc for query-frontend-memcached.

CacheConfig

retentionConfig

NameDescriptionSchema

blockDuration
optional

The amount of time to block the duration for Time Series Database (TSDB) block. Default value is 2h.

string

deleteDelay
optional

The amount of time until a block marked for deletion is deleted from a bucket. Default value is 48h.

string

retentionInLocal
optional

The amount of time to retain raw samples from the local storage. Default value is 24h.

string

retentionResolutionRaw
optional

The amount of time to retain raw samples of resolution in a bucket. Default value is 365 days (365d)

string

retentionResolution5m
optional

The amount of time to retain samples of resolution 1 (5 minutes) in a bucket. Default value is 365 days (365d).

string

retentionResolution1h
optional

The amount of time to retain samples of resolution 2 (1 hour) in a bucket. Default value is 365 days (365d).

string

CompactSpec

NameDescriptionSchema

resources
optional

Compute resources required by thanos compact.

corev1.ResourceRequirements

serviceAccountAnnotations
optional

Annotations is an unstructured key value map stored with the compact service account.

map[string]string

storeMemcached

NameDescriptionSchema

resources
optional

Compute resources required by MultiCLusterObservability.

corev1.ResourceRequirements

replicas
optional

Replicas for MultiClusterObservability.

integer

memoryLimitMb
optional

Memory limit of Memcached in megabytes.

integer

maxItemSize
optional

Max item size of Memcached. The default value is 1m, min:1k, max:1024m.

string

connectionLimit
optional

Max simultaneous connections of Memcached. The default value is

integer

status

NameDescriptionSchema

status
optional

Status contains the different condition statuses for MultiClusterObservability.

metav1.Condition

CommonSpec

NameDescriptionSchema

resources
optional

Compute resources required by the component.

corev1.ResourceRequirements

replicas
optional

Replicas for the component.

integer

QuerySpec

Name

Description

Schema

CommonSpec
optional

Specifies the replicas and resources for the query deployment.

CommonSpec

serviceAccountAnnotations
optional

Annotations is an unstructured key value map stored with the query service account.

map[string]string

ReceiveSpec

Name

Description

Schema

CommonSpec
optional

Specifies the replicas and resources for the query deployment.

CommonSpec

serviceAccountAnnotations
optional

Annotations is an unstructured key value map stored with the query service account.

map[string]string

StoreSpec

Name

Description

Schema

CommonSpec
optional

Specifies the replicas and resources for the query deployment.

CommonSpec

serviceAccountAnnotations
optional

Annotations is an unstructured key value map stored with the query service account.

map[string]string

RuleSpec

Name

Description

Schema

CommonSpec
optional

Specifies the replicas and resources for the query deployment.

CommonSpec

evalInterval
optional

Specifies the evaluation interval for the rules.

string

serviceAccountAnnotations
optional

Annotations is an unstructured key value map stored with the query service account.

map[string]string

1.13. Search query API

The search query API is not a Kubernetes API, therefore is not displayed through the Red Hat OpenShift Container Platform API Explorer. Continue reading to understand the search query API capabilities.

1.13.1. Overview

You can expose the search query API with a route and use the API to resolve search queries. The API is a GraphQL endpoint. You can use any client such as curl or Postman.

1.13.1.1. Version information

Version : 2.10.0

1.13.1.2. URI scheme

BasePath : /searchapi/graphql
Schemes : HTTPS

1.13.1.3. Configure API access

Create a route to access the Search API external from your cluster with the following command:

oc create route passthrough search-api --service=search-search-api -n open-cluster-management

Important: You must configure your route to secure your environment. See Route configuration in the OpenShift Container Platform documentation for more details.

1.13.2. Schema design

input SearchFilter {
  property: String!
  values: [String]!
}
input SearchInput {
  keywords: [String]
  filters: [SearchFilter]
  limit: Int
  relatedKinds: [String]
}
type SearchResult {
count: Int
items: [Map]
related: [SearchRelatedResult]
}
type SearchRelatedResult {
kind: String!
count: Int
items: [Map]
}

Parameters with ! indicates that the field is required.

1.13.2.1. Description table of query inputs
TypeDescriptionProperty

SearchFilter

Defines a key and value to filter results. When you provide many values for a property, the API interpret the values as an "OR" operation. When you provide many filters, results match all filters and the API interprets as an "AND" operation.

string

SearchInput

Enter key words to receive a list of resources. When you provide many keywords, the API interprets it as an "AND" operation.

String

limit

Determine the maximum number of results returned after you enter the query. The default value is 10,000. A value of -1 means that the limit is removed.

Integer

1.13.2.2. Schema example
{
  "query": "type SearchResult {count: Intitems: [Map]related: [SearchRelatedResult]} type SearchRelatedResult {kind: String!count: Intitems: [Map]}",
  "variables": {
    "input": [
      {
        "keywords": [],
        "filters": [
          {
            "property": "kind",
            "values": [
              "Deployment"
            ]
          }
        ],
        "limit": 10
      }
    ]
  }
}

1.13.3. Generic schema

type Query {
  search(input: [SearchInput]): [SearchResult]
  searchComplete(property: String!, query: SearchInput, limit: Int): [String]
  searchSchema: Map
  messages: [Message]
}

1.13.4. Supported queries

Continue reading to see the query types that are supported in JSON format.

1.13.4.1. Search for deployments

Query:

query mySearch($input: [SearchInput]) {
    search(input: $input) {
    		items
        }
}

Variables:

{"input":[
    {
        "keywords":[],
        "filters":[
            {"property":"kind","values":["Deployment"]}],
        "limit":10
    }
]}
1.13.4.2. Search for pods

Query:

query mySearch($input: [SearchInput]) {
    search(input: $input) {
    		items
        }
}

Variables:

{"input":[
    {
        "keywords":[],
        "filters":[
            {"property":"kind","values":["Pod"]}],
        "limit":10
    }
]}

1.14. MultiClusterHub API

1.14.1. Overview

This documentation is for the MultiClusterHub resource for Red Hat Advanced Cluster Management for Kubernetes. MultiClusterHub resource has four possible requests: create, query, delete and update.

1.14.1.1. Version information

Version : 2.12.0

1.14.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.14.1.3. Tags
  • multiclusterhubs.operator.open-cluster-management.io : Create and manage multicluster hub operators

1.14.2. Paths

1.14.2.1. Create a MultiClusterHub resource
POST /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/mch
1.14.2.1.1. Description

Create a MultiClusterHub resource to define the configuration for an instance of the multicluster hub.

1.14.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the multicluster hub to be created.

Definitions

1.14.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.14.2.1.4. Consumes
  • multiclusterhubs/yaml
1.14.2.1.5. Tags
  • multiclusterhubs.operator.open-cluster-management.io
1.14.2.1.6. Example HTTP request
1.14.2.1.6.1. Request body
{
  "apiVersion": "apiextensions.k8s.io/v1",
  "kind": "CustomResourceDefinition",
  "metadata": {
    "name": "multiclusterhubs.operator.open-cluster-management.io"
    },
  "spec": {
    "group": "operator.open-cluster-management.io",
    "names": {
      "kind": "MultiClusterHub",
      "listKind": "MultiClusterHubList",
      "plural": "multiclusterhubs",
      "shortNames": [
          "mch"
	  ],
     "singular": "multiclusterhub"
     },
    "scope": "Namespaced",
    "versions": [
        {
	    "additionalPrinterColumns": [
                {
		   "description": "The overall status of the multicluster hub.",
                   "jsonPath": ".status.phase",
                   "name": "Status",
                   "type": "string"
		   },
               {
	           "jsonPath": ".metadata.creationTimestamp",
                   "name": "Age",
                   "type": "date"
		   }
            ],
            "name": "v1",
            "schema": {
                "openAPIV3Schema": {
                    "description": "MultiClusterHub defines the configuration for an instance of
          the multiCluster hub, a central point for managing multiple Kubernetes-based
          clusters. The deployment of multicluster hub components is determined based
          on the configuration that is defined in this resource.",
        "properties": {
            "apiVersion": {
                "description": "APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
                "type": "string"
            },
            "kind": {
                "description": "Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. The value is in CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                "type": "string"
            },
            "metadata": {
                "type": "object"
            },
            "spec": {
                "description": "MultiClusterHubSpec defines the desired state of MultiClusterHub.",
                "properties": {
                    "availabilityConfig": {
                        "description": "Specifies deployment replication for improved availability.
                  Options are: Basic and High (default).",
                        "type": "string"
                },
                "customCAConfigmap": {
                    "description": "Provide the customized OpenShift default ingress CA certificate
                  to Red Hat Advanced Cluster Management.",
                  }
                    "type": "string"
                },
        "disableHubSelfManagement": {
                    "description": "Disable automatic import of the hub cluster as a managed
                  cluster.",
                    "type": "boolean"
                },
        "disableUpdateClusterImageSets": {
                    "description": "Disable automatic update of ClusterImageSets.",
                    "type": "boolean"
                },
                "hive": {
                    "description": "(Deprecated) Overrides for the default HiveConfig specification.",
                    "properties": {
        "additionalCertificateAuthorities": {
        "description": "(Deprecated) AdditionalCertificateAuthorities is
                      a list of references to secrets in the 'hive' namespace that
                      contain an additional Certificate Authority to use when communicating
                      with target clusters. These certificate authorities are
                      used in addition to any self-signed CA generated by each cluster
                      on installation.",
                           "items": {
                    "description": "LocalObjectReference contains the information
                        to let you locate the referenced object inside the same namespace.",
                    "properties": {
                    "name": {
                        "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
                        "type": "string"
                     }
		             },
                    "type": "object"
                      },
                           "type": "array"
                    },
                       "backup": {
                    "description": "(Deprecated) Backup specifies configuration for backup
                      integration. If absent, backup integration is disabled.",
                    "properties": {
                    "minBackupPeriodSeconds": {
                    "description": "(Deprecated) MinBackupPeriodSeconds specifies
                          that a minimum of MinBackupPeriodSeconds occurs in between
                          each backup. This is used to rate limit backups. This potentially
                          batches together multiple changes into one backup. No backups
                          are lost for changes that happen during the interval
                          that is queued up, and results in a backup once
                          the interval has been completed.",
                    "type": "integer"
                        },
                    "velero": {
                    "description": "(Deprecated) Velero specifies configuration for the Velero backup integration.",
		    "properties": {
			"enabled": {
			    "description": "(Deprecated) Enabled dictates if the Velero backup integration is enabled. If not specified, the default is disabled.",
			    "type": "boolean"
			}
		   },
		    "type": "object"
				        }
				  },
				        "type": "object"
				     },
		    "externalDNS": {
		    "description": "(Deprecated) ExternalDNS specifies configuration for external-dns if it is to be deployed by Hive. If absent, external-dns is not deployed.",
		    "properties": {
		    "aws": {
		    "description": "(Deprecated) AWS contains AWS-specific settings for external DNS.",
		    "properties": {
		        "credentials": {
			    "description": "(Deprecated) Credentials reference a secret that is used to authenticate with AWS Route53. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'.",
			    "properties": {
				"name": {
																		            "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
																		                             "type": "string"
						    }
					},
			    "type": "object"
			}
		},
		   "type": "object"
					},
		   "gcp": {
		   "description": "(Deprecated) GCP contains Google Cloud Platform specific settings for external DNS.",
		   "properties": {
		       "credentials": {
			   "description": "(Deprecated) Credentials reference a secret that is used to authenticate with GCP DNS. It needs permission to manage entries in each of the managed domains for this cluster. Secret should have a key names 'osServiceAccount.json'. The credentials must specify the project to use.",
			   "properties": {
			       "name": {
		   "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
				   "type": "string"
							}
						},
			   "type": "object"
			}
		},
		"type": "object"
					}
				},
				      "type": "object"
					},
		"failedProvisionConfig": {
		"description": "(Deprecated) FailedProvisionConfig is used to configure settings related to handling provision failures.",
		"properties": {
		"skipGatherLogs": {
		"description": "(Deprecated) SkipGatherLogs disables functionality that attempts to gather full logs from the cluster if an installation fails for any reason. The logs are stored in a persistent volume for up to seven days.",
	        "type": "boolean"
				   }
				},
				  "type": "object"
				  },
		"globalPullSecret": {
		"description": "(Deprecated) GlobalPullSecret is used to specify a pull secret that is used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret are merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment.",
		"properties": {
		"name": {
		"description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
		"type": "string"
			                }
				},
				  "type": "object"
							},
		"maintenanceMode": {
	        "description": "(Deprecated) MaintenanceMode can be set to true to disable the Hive controllers in situations where you need to ensure nothing is running that adds or act upon finalizers on Hive types. This should rarely be needed. Sets replicas to zero for the 'hive-controllers' deployment to accomplish this.",
				  "type": "boolean"
							}
						},
			  "required": [
				         "failedProvisionConfig"
						     ],
			  "type": "object"
						 },
		"imagePullSecret": {
		    "description": "Override pull secret for accessing MultiClusterHub operand and endpoint images.",
		    "type": "string"
					},
		"ingress": {
		    "description": "Configuration options for ingress management.",
		    "properties": {
			"sslCiphers": {
	"description": "List of SSL ciphers enabled for management ingress. Defaults to full list of supported ciphers.",
			    "items": {
		    "type": "string"
					},
			    "type": "array"
						}
					},
			       "type": "object"
						},
			   "nodeSelector": {
		   "additionalProperties": {
				   "type": "string"
						},
			       "description": "Set the node selectors..",
			       "type": "object"
			},
			   "overrides": {
			       "description": "Developer overrides.",
			       "properties": {
		   "imagePullPolicy": {
		   "description": "Pull policy of the multicluster hub images.",
			               "type": "string"
							}
						},
			      "type": "object"
									},
		   "separateCertificateManagement": {
				     "description": "(Deprecated) Install cert-manager into its own namespace.",
				     "type": "boolean"
						    }
					   },
			   "type": "object"
		       },
		       "status": {
			 "description": "MulticlusterHubStatus defines the observed state of MultiClusterHub.",
			 "properties": {
			     "components": {
		      "additionalProperties": {
		      "description": "StatusCondition contains condition information.",
				      "properties": {
		      "lastTransitionTime": {
		      "description": "LastTransitionTime is the last time the condition changed from one status to another.",
		      "format": "date-time",
		      "type": "string"
					},
		      "message": {
		      "description": "Message is a human-readable message indicating\ndetails about the last status change.",
		      "type": "string"
						},
				          "reason": {
		      "description": "Reason is a (brief) reason for the last status change of the condition.",
		      "type": "string"
						},
					  "status": {
		      "description": "Status is the status of the condition. One of True, False, Unknown.",
		      "type": "string"
					},
					  "type": {
		      "description": "Type is the type of the cluster condition.",
		      "type": "string"
					}
				},
				     "type": "object"
						      },
				  "description": "Components []ComponentCondition `json:\"manifests,omitempty\"`",
				  "type": "object"
							},
			      "conditions": {
				  "description": "Conditions contain the different condition statuses for the MultiClusterHub.",
				  "items": {
		      "description": "StatusCondition contains condition information.",
				      "properties": {
		      "lastTransitionTime": {
		      "description": "LastTransitionTime is the last time the condition changed from one status to another.",
		      "format": "date-time",
		      "type": "string"
					},
		      "lastUpdateTime": {
		      "description": "The last time this condition was updated.",
		      "format": "date-time",
		      "type": "string"
					},
		      "message": {
		      "description": "Message is a human-readable message indicating details about the last status change.",
		      "type": "string"
						},
				          "reason": {
		      "description": "Reason is a (brief) reason for the last status change of the condition.",
		      "type": "string"
					},
					  "status": {
		      "description": "Status is the status of the condition. One of True, False, Unknown.",
		      "type": "string"
						},
					  "type": {
		      "description": "Type is the type of the cluster condition.",
		      "type": "string"
					}
				},
				     "type": "object"
						      },
				 "type": "array"
					},
			     "currentVersion": {
				 "description": "CurrentVersion indicates the current version..",
				 "type": "string"
						},
			     "desiredVersion": {
				 "description": "DesiredVersion indicates the desired version.",
				 "type": "string"
						 },
			     "phase": {
				 "description": "Represents the running phase of the MultiClusterHub",
				 "type": "string"
							}
						},
	                 "type": "object"
					   }
				   },
                "type": "object"
			        }
		         },
        "served": true,
        "storage": true,
        "subresources": {
	    "status": {}
	    }
	}
    ]
  }
}
1.14.2.2. Query all MultiClusterHubs
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator
1.14.2.2.1. Description

Query your multicluster hub operator for more details.

1.14.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.14.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.14.2.2.4. Consumes
  • operator/yaml
1.14.2.2.5. Tags
  • multiclusterhubs.operator.open-cluster-management.io
1.14.2.3. Query a MultiClusterHub operator
GET /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}
1.14.2.3.1. Description

Query a single multicluster hub operator for more details.

1.14.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the application that you want to query.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.14.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.14.2.3.4. Tags
  • multiclusterhubs.operator.open-cluster-management.io
1.14.2.4. Delete a MultiClusterHub operator
DELETE /operator.open-cluster-management.io/v1beta1/namespaces/{namespace}/operator/{multiclusterhub_name}
1.14.2.4.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the multicluster hub operator that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.14.2.4.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.14.2.4.3. Tags
  • multiclusterhubs.operator.open-cluster-management.io

1.14.3. Definitions

1.14.3.1. Multicluster hub operator
NameDescriptionSchema

apiVersion
required

The versioned schema of the MultiClusterHub.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Describes rules that define the resource.

object

spec
required

The resource specification.

spec

spec

availabilityConfig
optional
Specifies deployment replication for improved availability. The default value is High.string

customCAConfigmap
optional

Provide the customized OpenShift default ingress CA certificate to Red Hat Advanced Cluster Management.

string

disableHubSelfManagement
optional

Disable automatic import of the hub cluster as a managed cluster.

boolean

disableUpdateClusterImageSets
optional

Disable automatic update of ClusterImageSets.

boolean

hive
optional

(Deprecated) An object that overrides for the default HiveConfig specification.

hive

imagePullSecret
optional

Overrides pull secret for accessing MultiClusterHub operand and endpoint images.

string

ingress
optional

Configuration options for ingress management.

ingress

nodeSelector
optional

Set the node selectors.

string

separateCertificateManagement
optional

(Deprecated) Install cert-manager into its own namespace.

boolean

hive

additionalCertificateAuthorities
optional
(Deprecated) A list of references to secrets in the hive namespace that contain an additional Certificate Authority to use when communicating with target clusters. These certificate authorities are used in addition to any self-signed CA generated by each cluster on installation.object

backup
optional

(Deprecated) Specifies the configuration for backup integration. If absent, backup integration is disabled.

backup

externalDNS
optional

(Deprecated) Specifies configuration for external-dns if it is to be deployed by Hive. If absent, external-dns is not be deployed.

object

failedProvisionConfig
required

(Deprecated) Used to configure settings related to handling provision failures.

failedProvisionConfig

globalPullSecret
optional

(Deprecated) Used to specify a pull secret that is used globally by all of the cluster deployments. For each cluster deployment, the contents of globalPullSecret are merged with the specific pull secret for a cluster deployment (if specified), with precedence given to the contents of the pull secret for the cluster deployment.

object

maintenanceMode
optional

(Deprecated) Can be set to true to disable the hive controllers in situations where you need to ensure nothing is running that adds or acts upon finalizers on Hive types. This should rarely be needed. Sets replicas to 0 for the hive-controllers deployment to accomplish this.

boolean

ingress

sslCiphers
optional
List of SSL ciphers enabled for management ingress. Defaults to full list of supported ciphers.string

backup

minBackupPeriodSeconds
optional
(Deprecated) Specifies that a minimum of MinBackupPeriodSeconds occurs in between each backup. This is used to rate limit backups. This potentially batches together multiple changes into one backup. No backups are lost as changes happen during this interval are queued up and result in a backup happening once the interval has been completed.integer

velero
optional

(Deprecated) Velero specifies configuration for the Velero backup integration.

object

failedProvisionConfig

skipGatherLogs
optional
(Deprecated) Disables functionality that attempts to gather full logs from the cluster if an installation fails for any reason. The logs are stored in a persistent volume for up to seven days.boolean

status

components
optional
The components of the status configuration.object

conditions
optional

Contains the different conditions for the multicluster hub.

conditions

desiredVersion
optional

Indicates the desired version.

string

phase
optional

Represents the active phase of the MultiClusterHub resource. The values that are used for this parameter are: Pending, Running, Installing, Updating, Uninstalling

string

conditions

lastTransitionTime
optional
The last time the condition changed from one status to another.string

lastUpdateTime
optional

The last time this condition was updated.

string

message
required

Message is a human-readable message indicating details about the last status change.

string

reason
required

A brief reason for why the condition status changed.

string

status
required

The status of the condition.

string

type
required

The type of the cluster condition.

string

StatusConditions

kind
required
The resource kind that represents this status.string

available
required

Indicates whether this component is properly running.

boolean

lastTransitionTime
optional

The last time the condition changed from one status to another.

metav1.time

lastUpdateTime
optional

The last time this condition was updated.

metav1.time

message
required

Message is a human-readable message indicating details about the last status change.

string

reason
optional

A brief reason for why the condition status changed.

string

status
optional

The status of the condition.

string

type
optional

The type of the cluster condition.

string

1.15. Placement API (v1beta1)

1.15.1. Overview

This documentation is for the Placement resource for Red Hat Advanced Cluster Management for Kubernetes. The Placement resource has four possible requests: create, query, delete, and update. Placement defines a rule to select a set of ManagedClusters from the ManagedClusterSets that are bound to the placement namespace. A slice of PlacementDecisions with the label cluster.open-cluster-management.io/placement={placement name} is created to represent the ManagedClusters that are selected by this placement.

1.15.1.1. Version information

Version : 2.12.0

1.15.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.15.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage Placements

1.15.2. Paths

1.15.2.1. Query all Placements
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placement
1.15.2.1.1. Description

Query your Placements for more details.

1.15.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.15.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.15.2.1.4. Consumes
  • placement/yaml
1.15.2.1.5. Tags
  • cluster.open-cluster-management.io
1.15.2.2. Create a Placement
POST /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements
1.15.2.2.1. Description

Create a Placement.

1.15.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the placement binding to be created.

Placement

1.15.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.15.2.2.4. Consumes
  • placement/yaml
1.15.2.2.5. Tags
  • cluster.open-cluster-management.io
1.15.2.2.6. Example HTTP request
1.15.2.2.6.1. Request body
{
  "apiVersion" : "cluster.open-cluster-management.io/v1beta1",
  "kind" : "Placement",
  "metadata" : {
    "name" : "placement1",
    "namespace": "ns1"
  },
  "spec": {
    "predicates": [
      {
        "requiredClusterSelector": {
          "labelSelector": {
            "matchLabels": {
              "vendor": "OpenShift"
            }
          }
        }
      }
    ]
  },
  "status" : { }
}
1.15.2.3. Query a single Placement
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements/{placement_name}
1.15.2.3.1. Description

Query a single Placement for more details.

1.15.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

placement_name
required

Name of the Placement that you want to query.

string

1.15.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.15.2.3.4. Tags
  • cluster.open-cluster-management.io
1.15.2.4. Delete a Placement
DELETE /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placements/{placement_name}
1.15.2.4.1. Description

Delete a single Placement.

1.15.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

placement_name
required

Name of the Placement that you want to delete.

string

1.15.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.15.2.4.4. Tags
  • cluster.open-cluster-management.io

1.15.3. Definitions

1.15.3.1. Placement
NameDescriptionSchema

apiVersion
required

Versioned schema of the Placement.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the Placement.

object

spec
required

Specification of the Placement.

spec

spec

NameDescriptionSchema

clusterSets
optional

A subset of ManagedClusterSets from which the ManagedClusters are selected. If the ManagedClusterSet is empty, ManagedClusters are selected from the ManagedClusterSets that are bound to the Placement namespace. If the ManagedClusterSet contains ManagedClusters, ManagedClusters are selected from the intersection of this subset. The selected ManagedClusterSets are bound to the placement namespace.

string array

numberOfClusters
optional

Number of ManagedClusters that you want to be selected.

integer (int32)

predicates
optional

Subset of cluster predicates that select ManagedClusters. The conditional logic is OR.

clusterPredicate array

prioritizerPolicy
optional

Policy of the prioritizers.

prioritizerPolicy

tolerations
optional

Value that allows, but does not require, the managed clusters with certain taints to be selected by placements with matching tolerations.

toleration array

clusterPredicate

NameDescriptionSchema

requiredClusterSelector
optional

A cluster selector to select ManagedClusters with a label and cluster claim.

clusterSelector

clusterSelector

NameDescriptionSchema

labelSelector
optional

Selector of ManagedClusters by label.

object

claimSelector
optional

Selector of ManagedClusters by claim.

clusterClaimSelector

clusterClaimSelector

NameDescriptionSchema

matchExpressions
optional

Subset of the cluster claim selector requirements. The conditional logic is AND.

< object > array

prioritizerPolicy

NameDescriptionSchema

mode
optional

Either Exact, Additive, or "". The default value of "" is Additive.

string

configurations
optional

Configuration of the prioritizer.

prioritizerConfig array

prioritizerConfig

NameDescriptionSchema

scoreCoordinate
required

Configuration of the prioritizer and score source.

scoreCoordinate

weight
optional

Weight of the prioritizer score. The value must be within the range: [-10,10].

int32

scoreCoordinate

NameDescriptionSchema

type
required

Type of the prioritizer score. Valid values are "BuiltIn" or "AddOn".

string

builtIn
optional

Name of a BuiltIn prioritizer from the following options: 1) Balance: Balance the decisions among the clusters. 2) Steady: Ensure the existing decision is stabilized. 3) ResourceAllocatableCPU & ResourceAllocatableMemory: Sort clusters based on the allocatable resources. 4) Spread: Spread the workload evenly to topologies.

string

addOn
optional

When type is AddOn, AddOn defines the resource name and score name.

object

toleration

NameDescriptionSchema

key
optional

Taint key that the toleration applies to. Empty means match all of the taint keys.

string

operator
optional

Relationship of a key to the value. Valid operators are Exists and Equal. The default value is Equal.

string

value
optional

Taint value that matches the toleration.

string

effect
optional

Taint effect to match. Empty means match all of the taint effects. When specified, allowed values are NoSelect, PreferNoSelect, and NoSelectIfNew.

string

tolerationSeconds
optional

Length of time that a taint is tolerated, after which the taint is not tolerated. The default value is nil, which indicates that there is no time limit on how long the taint is tolerated.

int64

1.16. PlacementDecisions API (v1beta1)

1.16.1. Overview

This documentation is for the PlacementDecision resource for Red Hat Advanced Cluster Management for Kubernetes. The PlacementDecision resource has four possible requests: create, query, delete, and update. A PlacementDecision indicates a decision from a placement. A PlacementDecision uses the label cluster.open-cluster-management.io/placement={placement name} to reference a certain placement.

1.16.1.1. Version information

Version : 2.12.0

1.16.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.16.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage PlacementDecisions.

1.16.2. Paths

1.16.2.1. Query all PlacementDecisions
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions
1.16.2.1.1. Description

Query your PlacementDecisions for more details.

1.16.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.16.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.16.2.1.4. Consumes
  • placementdecision/yaml
1.16.2.1.5. Tags
  • cluster.open-cluster-management.io
1.16.2.2. Create a PlacementDecision
POST /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions
1.16.2.2.1. Description

Create a PlacementDecision.

1.16.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the PlacementDecision to be created.

PlacementDecision

1.16.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.16.2.2.4. Consumes
  • placementdecision/yaml
1.16.2.2.5. Tags
  • cluster.open-cluster-management.io
1.16.2.2.6. Example HTTP request
1.16.2.2.6.1. Request body
{
  "apiVersion" : "cluster.open-cluster-management.io/v1beta1",
  "kind" : "PlacementDecision",
  "metadata" : {
    "labels" : {
      "cluster.open-cluster-management.io/placement" : "placement1"
    },
    "name" : "placement1-decision1",
    "namespace": "ns1"
  },
  "status" : { }
}
1.16.2.3. Query a single PlacementDecision
GET /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions/{placementdecision_name}
1.16.2.3.1. Description

Query a single PlacementDecision for more details.

1.16.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

placementdecision_name
required

Name of the PlacementDecision that you want to query.

string

1.16.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.16.2.3.4. Tags
  • cluster.open-cluster-management.io
1.16.2.4. Delete a PlacementDecision
DELETE /cluster.open-cluster-management.io/v1beta1/namespaces/{namespace}/placementdecisions/{placementdecision_name}
1.16.2.4.1. Description

Delete a single PlacementDecision.

1.16.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

placementdecision_name
required

Name of the PlacementDecision that you want to delete.

string

1.16.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.16.2.4.4. Tags
  • cluster.open-cluster-management.io

1.16.3. Definitions

1.16.3.1. PlacementDecision
NameDescriptionSchema

apiVersion
required

Versioned schema of PlacementDecision.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of PlacementDecision.

object

status
optional

Current status of the PlacementDecision.

PlacementStatus

PlacementStatus

NameDescriptionSchema

Decisions
required

Slice of decisions according to a placement.

ClusterDecision array

ClusterDecision

NameDescriptionSchema

clusterName
required

Name of the ManagedCluster.

string

reason
required

Reason why the ManagedCluster is selected.

string

1.17. DiscoveryConfig API

1.17.1. Overview

This documentation is for the DiscoveryConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The DiscoveryConfig resource has four possible requests: create, query, delete, and update.

1.17.1.1. Version information

Version : 2.12.0

1.17.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.17.1.3. Tags
  • discoveryconfigs.discovery.open-cluster-management.io : Create and manage DiscoveryConfigs

1.17.2. Paths

1.17.2.1. Create a DiscoveryConfig
POST /app.k8s.io/v1/namespaces/{namespace}/discoveryconfigs
1.17.2.1.1. Description

Create a DiscoveryConfig.

1.17.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the DiscoveryConfig to be created.

DiscoveryConfig

1.17.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.17.2.1.4. Consumes
  • discoveryconfigs/yaml
1.17.2.1.5. Tags
  • discoveryconfigs.discovery.open-cluster-management.io
1.17.2.1.5.1. Request body
{
  "apiVersion": "apiextensions.k8s.io/v1",
  "kind": "CustomResourceDefinition",
  "metadata": {
    "annotations": {
      "controller-gen.kubebuilder.io/version": "v0.4.1",
    },
    "creationTimestamp": null,
    "name": "discoveryconfigs.discovery.open-cluster-management.io",
  },
  "spec": {
    "group": "discovery.open-cluster-management.io",
    "names": {
      "kind": "DiscoveryConfig",
      "listKind": "DiscoveryConfigList",
      "plural": "discoveryconfigs",
      "singular": "discoveryconfig"
    },
    "scope": "Namespaced",
    "versions": [
      {
        "name": "v1",
        "schema": {
          "openAPIV3Schema": {
            "description": "DiscoveryConfig is the Schema for the discoveryconfigs API",
            "properties": {
              "apiVersion": {
                "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
                "type": "string"
              },
              "kind": {
                "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                "type": "string"
              },
              "metadata": {
                "type": "object"
              },
              "spec": {
                "description": "DiscoveryConfigSpec defines the desired state of DiscoveryConfig",
                "properties": {
                  "credential": {
                    "description": "Credential is the secret containing credentials to connect to the OCM api on behalf of a user",
                    "type": "string"
                  },
                  "filters": {
                    "description": "Sets restrictions on what kind of clusters to discover",
                    "properties": {
                      "lastActive": {
                        "description": "LastActive is the last active in days of clusters to discover, determined by activity timestamp",
                        "type": "integer"
                      },
                      "openShiftVersions": {
                        "description": "OpenShiftVersions is the list of release versions of OpenShift of the form \"<Major>.<Minor>\"",
                        "items": {
                          "description": "Semver represents a partial semver string with the major and minor version in the form \"<Major>.<Minor>\". For example: \"4.15\"",
                          "pattern": "^(?:0|[1-9]\\d*)\\.(?:0|[1-9]\\d*)$",
                          "type": "string"
                        },
                        "type": "array"
                      }
                    },
                    "type": "object"
                  }
                },
                "required": [
                  "credential"
                ],
                "type": "object"
              },
              "status": {
                "description": "DiscoveryConfigStatus defines the observed state of DiscoveryConfig",
                "type": "object"
              }
            },
            "type": "object"
          }
        },
        "served": true,
        "storage": true,
        "subresources": {
          "status": {}
        }
      }
    ]
  },
  "status": {
    "acceptedNames": {
      "kind": "",
      "plural": ""
    },
    "conditions": [],
    "storedVersions": []
  }
}
1.17.2.2. Query all DiscoveryConfigs
GET /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator
1.17.2.2.1. Description

Query your discovery config operator for more details.

1.17.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.17.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.17.2.2.4. Consumes
  • operator/yaml
1.17.2.2.5. Tags
  • discoveryconfigs.discovery.open-cluster-management.io
1.17.2.3. Delete a DiscoveryConfig operator
DELETE /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator/{discoveryconfigs_name}
1.17.2.3.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the Discovery Config operator that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.17.2.3.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.17.2.3.3. Tags
  • discoveryconfigs.operator.open-cluster-management.io

1.17.3. Definitions

1.17.3.1. DiscoveryConfig
NameDescriptionSchema

apiVersion
required

The versioned schema of the discoveryconfigs.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Describes rules that define the resource.

object

spec
required

Defines the desired state of DiscoveryConfig.

See List of specs

1.17.3.2. List of specs
NameDescriptionSchema

credential
required

Credential is the secret containing credentials to connect to the OCM API on behalf of a user.

string

filters
optional

Sets restrictions on what kind of clusters to discover.

See List of filters

1.17.3.3. List of filters
NameDescriptionSchema

lastActive
required

LastActive is the last active in days of clusters to discover, determined by activity timestamp.

integer

openShiftVersions
optional

OpenShiftVersions is the list of release versions of OpenShift of the form "<Major>.<Minor>"

object

1.18. DiscoveredCluster API

1.18.1. Overview

This documentation is for the DiscoveredCluster resource for Red Hat Advanced Cluster Management for Kubernetes. The DiscoveredCluster resource has four possible requests: create, query, delete, and update.

1.18.1.1. Version information

Version : 2.12.0

1.18.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.18.1.3. Tags
  • discoveredclusters.discovery.open-cluster-management.io : Create and manage DiscoveredClusters

1.18.2. Paths

1.18.2.1. Create a DiscoveredCluster
POST /app.k8s.io/v1/namespaces/{namespace}/discoveredclusters
1.18.2.1.1. Description

Create a DiscoveredCluster.

1.18.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the DiscoveredCluster to be created.

DiscoveredCluster

1.18.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.18.2.1.4. Consumes
  • discoveredclusters/yaml
1.18.2.1.5. Tags
  • discoveredclusters.discovery.open-cluster-management.io
1.18.2.1.5.1. Request body
{
  "apiVersion": "apiextensions.k8s.io/v1",
  "kind": "CustomResourceDefinition",
  "metadata": {
    "annotations": {
      "controller-gen.kubebuilder.io/version": "v0.4.1",\
    },
    "creationTimestamp": null,
    "name": "discoveredclusters.discovery.open-cluster-management.io",
  },
  "spec": {
    "group": "discovery.open-cluster-management.io",
    "names": {
      "kind": "DiscoveredCluster",
      "listKind": "DiscoveredClusterList",
      "plural": "discoveredclusters",
      "singular": "discoveredcluster"
    },
    "scope": "Namespaced",
    "versions": [
      {
        "name": "v1",
        "schema": {
          "openAPIV3Schema": {
            "description": "DiscoveredCluster is the Schema for the discoveredclusters API",
            "properties": {
              "apiVersion": {
                "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
                "type": "string"
              },
              "kind": {
                "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                "type": "string"
              },
              "metadata": {
                "type": "object"
              },
              "spec": {
                "description": "DiscoveredClusterSpec defines the desired state of DiscoveredCluster",
                "properties": {
                  "activityTimestamp": {
                    "format": "date-time",
                    "type": "string"
                  },
                  "apiUrl": {
                    "type": "string"
                  },
                  "cloudProvider": {
                    "type": "string"
                  },
                  "console": {
                    "type": "string"
                  },
                  "creationTimestamp": {
                    "format": "date-time",
                    "type": "string"
                  },
                  "credential": {
                    "description": "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.  1. Ignored fields.  It includes many fields which are not generally honored.  For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.  2. Invalid usage help.  It is impossible to add specific help for individual usage.  In most embedded usages, there are particular     restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\".     Those cannot be well described when embedded.  3. Inconsistent validation.  Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.  4. The fields are both imprecise and overly precise.  Kind is not a precise mapping to a URL. This can produce ambiguity     during interpretation and require a REST mapping.  In most cases, the dependency is on the group,resource tuple     and the version of the actual struct is irrelevant.  5. We cannot easily change it.  Because this type is embedded in many locations, updates to this type     will affect numerous schemas.  Don't make new APIs embed an underspecified API type they do not control. Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .",
                    "properties": {
                      "apiVersion": {
                        "description": "API version of the referent.",
                        "type": "string"
                      },
                      "fieldPath": {
                        "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
                        "type": "string"
                      },
                      "kind": {
                        "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                        "type": "string"
                      },
                      "name": {
                        "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
                        "type": "string"
                      },
                      "namespace": {
                        "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/",
                        "type": "string"
                      },
                      "resourceVersion": {
                        "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency",
                        "type": "string"
                      },
                      "uid": {
                        "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids",
                        "type": "string"
                      }
                    },
                    "type": "object"
                  },
                  "displayName": {
                    "type": "string"
                  },
                  "isManagedCluster": {
                    "type": "boolean"
                  },
                  "name": {
                    "type": "string"
                  },
                  "openshiftVersion": {
                    "type": "string"
                  },
                  "status": {
                    "type": "string"
                  },
                  "type": {
                    "type": "string"
                  }
                },
                "required": [
                  "apiUrl",
                  "displayName",
                  "isManagedCluster",
                  "name",
                  "type"
                ],
                "type": "object"
              },
              "status": {
                "description": "DiscoveredClusterStatus defines the observed state of DiscoveredCluster",
                "type": "object"
              }
            },
            "type": "object"
          }
        },
        "served": true,
        "storage": true,
        "subresources": {
          "status": {}
        }
      }
    ]
  },
  "status": {
    "acceptedNames": {
      "kind": "",
      "plural": ""
    },
    "conditions": [],
    "storedVersions": []
  }
}
1.18.2.2. Query all DiscoveredClusters
GET /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator
1.18.2.2.1. Description

Query your discovered clusters operator for more details.

1.18.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.18.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.18.2.2.4. Consumes
  • operator/yaml
1.18.2.2.5. Tags
  • discoveredclusters.discovery.open-cluster-management.io
1.18.2.3. Delete a DiscoveredCluster operator
DELETE /operator.open-cluster-management.io/v1/namespaces/{namespace}/operator/{discoveredclusters_name}
1.18.2.3.1. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

application_name
required

Name of the Discovered Cluster operator that you want to delete.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.18.2.3.2. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.18.2.3.3. Tags
  • discoveredclusters.operator.open-cluster-management.io

1.18.3. Definitions

1.18.3.1. DiscoveredCluster
NameDescriptionSchema

apiVersion
required

The versioned schema of the discoveredclusters.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Describes rules that define the resource.

object

spec
required

DiscoveredClusterSpec defines the desired state of DiscoveredCluster.

See List of specs

1.18.3.2. List of specs
NameDescriptionSchema

activityTimestamp
optional

Discoveredclusters last available activity timestamp.

metav1.time

apiUrl
required

Discoveredclusters API URL endpoint.

string

cloudProvider
optional

Cloud provider of discoveredcluster.

string

console
optional

Discoveredclusters console URL endpoint.

string

creationTimestamp
optional

Discoveredclusters creation timestamp.

metav1.time

credential
optional

The reference to the credential from which the cluster was discovered.

corev1.ObjectReference

displayName
required

The display name of the discovered cluster.

string

isManagedCluster
required

If true, cluster is managed by ACM.

boolean

name
required

The name of the discoveredcluster.

string

openshiftVersion
optional

The OpenShift version of the discovered cluster.

string

status
optional

The status of the discovered cluster.

string

type
required

The OpenShift flavor (ex. OCP, ROSA, etc.).

string

1.19. AddOnDeploymentConfig API (v1alpha1)

1.19.1. Overview

This documentation is for the AddOnDeploymentConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The AddOnDeploymentConfig resource has four possible requests: create, query, delete, and update. AddOnDeploymentConfig represents a deployment configuration for an add-on.

1.19.1.1. Version information

Version : 2.12.0

1.19.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.19.1.3. Tags
  • addon.open-cluster-management.io : Create and manage AddOnDeploymentConfigs

1.19.2. Paths

1.19.2.1. Query all AddOnDeploymentConfigs
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs
1.19.2.1.1. Description

Query your AddOnDeploymentConfigs for more details.

1.19.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.19.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.19.2.1.4. Consumes
  • addondeploymentconfig/yaml
1.19.2.1.5. Tags
  • addon.open-cluster-management.io
1.19.2.2. Create a AddOnDeploymentConfig
POST /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs
1.19.2.2.1. Description

Create a AddOnDeploymentConfig.

1.19.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the AddOnDeploymentConfig binding to be created.

AddOnDeploymentConfig

1.19.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.19.2.2.4. Consumes
  • addondeploymentconfig/yaml
1.19.2.2.5. Tags
  • addon.open-cluster-management.io
1.19.2.2.6. Example HTTP request
1.19.2.2.6.1. Request body
{
  "apiVersion": "addon.open-cluster-management.io/v1alpha1",
  "kind": "AddOnDeploymentConfig",
  "metadata": {
    "name": "deploy-config",
    "namespace": "open-cluster-management-hub"
  },
  "spec": {
    "nodePlacement": {
      "nodeSelector": {
        "node-dedicated": "acm-addon"
      },
      "tolerations": [
        {
          "effect": "NoSchedule",
          "key": "node-dedicated",
          "operator": "Equal",
          "value": "acm-addon"
        }
      ]
    }
  }
}
1.19.2.3. Query a single AddOnDeploymentConfig
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs/{addondeploymentconfig_name}
1.19.2.3.1. Description

Query a single AddOnDeploymentConfig for more details.

1.19.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

addondeploymentconfig_name
required

Name of the AddOnDeploymentConfig that you want to query.

string

1.19.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.19.2.3.4. Tags
  • addon.open-cluster-management.io
1.19.2.4. Delete a AddOnDeploymentConfig
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/addondeploymentconfigs/{addondeploymentconfig_name}
1.19.2.4.1. Description

Delete a single AddOnDeploymentConfig.

1.19.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

addondeploymentconfig_name
required

Name of the AddOnDeploymentConfig that you want to delete.

string

1.19.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.19.2.4.4. Tags
  • addon.open-cluster-management.io

1.19.3. Definitions

1.19.3.1. AddOnDeploymentConfig
NameDescriptionSchema

apiVersion
required

Versioned schema of the AddOnDeploymentConfig.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the AddOnDeploymentConfig.

object

spec
required

Specification of the AddOnDeploymentConfig.

spec

spec

NameDescriptionSchema

customizedVariables
optional

A list of name-value variables for the current add-on deployment. The add-on implementation can use these variables to render its add-on deployment.

customizedVariable array

nodePlacement
required

Enables explicit control over the scheduling of the add-on agents on the managed cluster.

nodePlacement

customizedVariable

NameDescriptionSchema

name
required

Name of this variable.

string

value
optional

Value of this variable.

string

nodePlacement

NameDescriptionSchema

nodeSelector
optional

Define which nodes the pods are scheduled to run on. When the nodeSelector is empty, the nodeSelector selects all nodes.

map[string]string

tolerations
optional

Applied to pods and used to schedule pods to any taint that matches the <key,value,effect> toleration using the matching operator (<operator>).

[]corev1.Toleration

1.20. ClusterManagementAddOn API (v1alpha1)

1.20.1. Overview

This documentation is for the ClusterManagementAddOn resource for Red Hat Advanced Cluster Management for Kubernetes. The ClusterManagementAddOn resource has four possible requests: create, query, delete, and update.

ClusterManagementAddOn represents the registration of an add-on to the cluster manager. This resource allows the user to discover which add-on is available for the cluster manager and also provides metadata information about the add-on. This resource also provides a reference to ManagedClusterAddOn, the name of the ClusterManagementAddOn resource that is used for the namespace-scoped ManagedClusterAddOn resource. ClusterManagementAddOn is a cluster-scoped resource.

1.20.1.1. Version information

Version : 2.12.0

1.20.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.20.1.3. Tags
  • addon.open-cluster-management.io : Create and manage ClusterManagementAddOns

1.20.2. Paths

1.20.2.1. Query all ClusterManagementAddOns
GET /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons
1.20.2.1.1. Description

Query your ClusterManagementAddOns for more details.

1.20.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.20.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.20.2.1.4. Consumes
  • clustermanagementaddon/yaml
1.20.2.1.5. Tags
  • addon.open-cluster-management.io
1.20.2.2. Create a ClusterManagementAddOn
POST /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons
1.20.2.2.1. Description

Create a ClusterManagementAddOn.

1.20.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the ClusterManagementAddon binding to be created.

ClusterManagementAddOn

1.20.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.20.2.2.4. Consumes
  • clustermanagementaddon/yaml
1.20.2.2.5. Tags
  • addon.open-cluster-management.io
1.20.2.2.6. Example HTTP request
1.20.2.2.6.1. Request body
{
  "apiVersion": "addon.open-cluster-management.io/v1alpha1",
  "kind": "ClusterManagementAddOn",
  "metadata": {
    "name": "helloworld"
  },
  "spec": {
    "supportedConfigs": [
      {
        "defaultConfig": {
          "name": "deploy-config",
          "namespace": "open-cluster-management-hub"
        },
        "group": "addon.open-cluster-management.io",
        "resource": "addondeploymentconfigs"
      }
    ]
  },
  "status" : { }
}
1.20.2.3. Query a single ClusterManagementAddOn
GET /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons/{clustermanagementaddon_name}
1.20.2.3.1. Description

Query a single ClusterManagementAddOn for more details.

1.20.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clustermanagementaddon_name
required

Name of the ClusterManagementAddOn that you want to query.

string

1.20.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.20.2.3.4. Tags
  • addon.open-cluster-management.io
1.20.2.4. Delete a ClusterManagementAddOn
DELETE /addon.open-cluster-management.io/v1alpha1/clustermanagementaddons/{clustermanagementaddon_name}
1.20.2.4.1. Description

Delete a single ClusterManagementAddOn.

1.20.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

clustermanagementaddon_name
required

Name of the ClusterManagementAddOn that you want to delete.

string

1.20.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.20.2.4.4. Tags
  • addon.open-cluster-management.io

1.20.3. Definitions

1.20.3.1. ClusterManagementAddOn
NameDescriptionSchema

apiVersion
required

Versioned schema of the ClusterManagementAddOn.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the ClusterManagementAddOn.

object

spec
required

Specification of the ClusterManagementAddOn.

spec

spec

NameDescriptionSchema

addOnMeta
optional

AddOnMeta is a reference to the metadata information for the add-on.

addOnMeta

supportedConfigs
optional

SupportedConfigs is a list of configuration types supported by add-on.

configMeta array

addOnMeta

NameDescriptionSchema

displayName
optional

Represents the name of add-on that is displayed.

string

description
optional

Represents the detailed description of the add-on.

string

configMeta

NameDescriptionSchema

group
optional

Group of the add-on configuration.

string

resource
required

Resource of the add-on configuration.

string

defaultConfig
required

Represents the namespace and name of the default add-on configuration. This is where all add-ons have a same configuration.

configReferent

configReferent

NameDescriptionSchema

namespace
optional

Namespace of the add-on configuration. If this field is not set, the configuration is cluster-scope.

string

name
required

Name of the add-on configuration.

string

1.21. ManagedClusterAddOn API (v1alpha1)

1.21.1. Overview

This documentation is for the ManagedClusterAddOn resource for Red Hat Advanced Cluster Management for Kubernetes. The ManagedClusterAddOn resource has four possible requests: create, query, delete, and update. ManagedClusterAddOn is the custom resource object which holds the current state of an add-on. This resource should be created in the ManagedCluster namespace.

1.21.1.1. Version information

Version : 2.12.0

1.21.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.21.1.3. Tags
  • addon.open-cluster-management.io : Create and manage ManagedClusterAddOns

1.21.2. Paths

1.21.2.1. Query all ManagedClusterAddOns
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons
1.21.2.1.1. Description

Query your ManagedClusterAddOns for more details.

1.21.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.21.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.21.2.1.4. Consumes
  • managedclusteraddon/yaml
1.21.2.1.5. Tags
  • addon.open-cluster-management.io
1.21.2.2. Create a ManagedClusterAddOn
POST /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons
1.21.2.2.1. Description

Create a ManagedClusterAddOn.

1.21.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters that describe the ManagedClusterAddOn binding to be created.

ManagedClusterAddOn

1.21.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.21.2.2.4. Consumes
  • managedclusteraddon/yaml
1.21.2.2.5. Tags
  • addon.open-cluster-management.io
1.21.2.2.6. Example HTTP request
1.21.2.2.6.1. Request body
{
  "apiVersion": "addon.open-cluster-management.io/v1alpha1",
  "kind": "ManagedClusterAddOn",
  "metadata": {
    "name": "helloworld",
    "namespace": "cluster1"
  },
  "spec": {
    "configs": [
      {
        "group": "addon.open-cluster-management.io",
        "name": "cluster-deploy-config",
        "namespace": "open-cluster-management-hub",
        "resource": "addondeploymentconfigs"
      }
    ],
    "installNamespace": "default"
  },
 "status" : { }
}
1.21.2.3. Query a single ManagedClusterAddOn
GET /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons/{managedclusteraddon_name}
1.21.2.3.1. Description

Query a single ManagedClusterAddOn for more details.

1.21.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

managedclusteraddon_name
required

Name of the ManagedClusterAddOn that you want to query.

string

1.21.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.21.2.3.4. Tags
  • addon.open-cluster-management.io
1.21.2.4. Delete a ManagedClusterAddOn
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/managedclusteraddons/{managedclusteraddon_name}
1.21.2.4.1. Description

Delete a single ManagedClusterAddOn.

1.21.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

managedclusteraddon_name
required

Name of the ManagedClusterAddOn that you want to delete.

string

1.21.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.21.2.4.4. Tags
  • addon.open-cluster-management.io

1.21.3. Definitions

1.21.3.1. ManagedClusterAddOn
NameDescriptionSchema

apiVersion
required

Versioned schema of the ManagedClusterAddOn.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the ManagedClusterAddOn.

object

spec
required

Specification of the ManagedClusterAddOn.

spec

spec

NameDescriptionSchema

installNamespace
optional

The namespace on the managed cluster to install the add-on agent. If it is not set, the open-cluster-management-agent-addon namespace is used to install the add-on agent.

string

configs
optional

A list of add-on configurations where the current add-on has its own configurations.

addOnConfig array

addOnConfig

NameDescriptionSchema

group
optional

Group of the add-on configuration.

string

resource
required

Resource of the add-on configuration.

string

namespace
optional

Namespace of the add-on configuration. If this field is not set, the configuration is cluster-scope.

string

name
required

Name of the add-on configuration.

string

1.22. ManagedClusterSet API (v1beta2)

1.22.1. Overview

This documentation is for the ManagedClusterSet resource for Red Hat Advanced Cluster Management for Kubernetes. The ManagedClusterSet resource has four possible requests: create, query, delete, and update. ManagedClusterSet groups two or more managed clusters into a set that you can operate together. Managed clusters that belong to a set can have similar attributes, such as shared use purposes or the same deployment region.

1.22.1.1. Version information

Version : 2.12.0

1.22.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.22.1.3. Tags
  • cluster.open-cluster-management.io : Create and manage ManagedClusterSets

1.22.2. Paths

1.22.2.1. Query all managedclustersets
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets
1.22.2.1.1. Description

Query your managedclustersets for more details.

1.22.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

1.22.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.22.2.1.4. Consumes
  • managedclusterset/yaml
1.22.2.1.5. Tags
  • cluster.open-cluster-management.io
1.22.2.2. Create a managedclusterset
POST /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets
1.22.2.2.1. Description

Create a managedclusterset.

1.22.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Body

body
required

Parameters describing the managedclusterset to be created.

Managedclusterset

1.22.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.22.2.2.4. Consumes
  • managedclusterset/yaml
1.22.2.2.5. Tags
  • cluster.open-cluster-management.io
1.22.2.2.6. Example HTTP request
1.22.2.2.6.1. Request body
{
  "apiVersion" : "cluster.open-cluster-management.io/v1beta2",
  "kind" : "ManagedClusterSet",
  "metadata" : {
    "name" : "example-clusterset",
  },
 "spec": {
  },
  "status" : { }
}
1.22.2.3. Query a single managedclusterset
GET /cluster.open-cluster-management.io/v1beta2/namespaces/{namespace}/managedclustersets/{managedclusterset_name}
1.22.2.3.1. Description

Query a single managedclusterset for more details.

1.22.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

managedclusterset_name
required

Name of the managedclusterset that you want to query.

string

1.22.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.22.2.3.4. Tags
  • cluster.open-cluster-management.io
1.22.2.4. Delete a managedclusterset
DELETE /cluster.open-cluster-management.io/v1beta2/managedclustersets/{managedclusterset_name}
1.22.2.4.1. Description

Delete a single managedclusterset.

1.22.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

namespace
required

Namespace that you want to use, for example, default.

string

Path

managedclusterset_name
required

Name of the managedclusterset that you want to delete.

string

1.22.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.22.2.4.4. Tags
  • cluster.open-cluster-management.io

1.22.3. Definitions

1.22.3.1. ManagedClusterSet
NameDescriptionSchema

apiVersion
required

Versioned schema of the ManagedClusterSet.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the ManagedClusterSet.

object

specrequired

Specification of the ManagedClusterSet.

spec

1.23. KlusterletConfig API (v1alpha1)

1.23.1. Overview

This documentation is for the KlusterletConfig resource for Red Hat Advanced Cluster Management for Kubernetes. The KlusterletConfig resource has four possible requests: create, query, delete, and update. KlusterletConfig contains configuration information about a klusterlet, such as nodeSelector, tolerations, and pullSecret. KlusterletConfig is a cluster-scoped resource and only works on klusterlet pods in the open-cluster-managemnet-agent namespace. KlusterletConfig does not affect add-on deployment configurations.

1.23.1.1. Version information

Version : 2.12.0

1.23.1.2. URI scheme

BasePath : /kubernetes/apis
Schemes : HTTPS

1.23.1.3. Tags
  • config.open-cluster-management.io : Create and manage KlusterletConfig

1.23.2. Paths

1.23.2.1. Query all KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs
1.23.2.1.1. Description

Query your KlusterletConfigs for more details.

1.23.2.1.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

1.23.2.1.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.23.2.1.4. Consumes
  • klusterletconfig/yaml
1.23.2.1.5. Tags
  • config.open-cluster-management.io
1.23.2.2. Create a KlusterletConfig
POST /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs
1.23.2.2.1. Description

Create a KlusterletConfig.

1.23.2.2.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Body

body
required

Parameters describing the KlusterletConfig binding to be created.

KlusterletConfig

1.23.2.2.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.23.2.2.4. Consumes
  • klusterletconfig/yaml
1.23.2.2.5. Tags
  • config.open-cluster-management.io
1.23.2.2.6. Example HTTP request
1.23.2.2.6.1. Request body
{
  "apiVersion": "apiextensions.k8s.io/v1",
  "kind": "CustomResourceDefinition",
  "metadata": {
    "annotations": {
      "controller-gen.kubebuilder.io/version": "v0.7.0"
    },
    "creationTimestamp": null,
    "name": "klusterletconfigs.config.open-cluster-management.io"
  },
  "spec": {
    "group": "config.open-cluster-management.io",
    "names": {
      "kind": "KlusterletConfig",
      "listKind": "KlusterletConfigList",
      "plural": "klusterletconfigs",
      "singular": "klusterletconfig"
    },
    "preserveUnknownFields": false,
    "scope": "Cluster",
    "versions": [
      {
        "name": "v1alpha1",
        "schema": {
          "openAPIV3Schema": {
            "description": "KlusterletConfig contains the configuration of a klusterlet including the upgrade strategy, config overrides, proxy configurations etc.",
            "properties": {
              "apiVersion": {
                "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
                "type": "string"
              },
              "kind": {
                "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                "type": "string"
              },
              "metadata": {
                "type": "object"
              },
              "spec": {
                "description": "Spec defines the desired state of KlusterletConfig",
                "properties": {
                  "hubKubeAPIServerProxyConfig": {
                    "description": "HubKubeAPIServerProxyConfig holds proxy settings for connections between klusterlet/add-on agents on the managed cluster and the kube-apiserver on the hub cluster. Empty means no proxy settings is available.",
                    "properties": {
                      "caBundle": {
                        "description": "CABundle is a CA certificate bundle to verify the proxy server. It will be ignored if only HTTPProxy is set; And it is required when HTTPSProxy is set and self signed CA certificate is used by the proxy server.",
                        "format": "byte",
                        "type": "string"
                      },
                      "httpProxy": {
                        "description": "HTTPProxy is the URL of the proxy for HTTP requests",
                        "type": "string"
                      },
                      "httpsProxy": {
                        "description": "HTTPSProxy is the URL of the proxy for HTTPS requests HTTPSProxy will be chosen if both HTTPProxy and HTTPSProxy are set.",
                        "type": "string"
                      }
                    },
                    "type": "object"
                  },
                  "nodePlacement": {
                    "description": "NodePlacement enables explicit control over the scheduling of the agent components. If the placement is nil, the placement is not specified, it will be omitted. If the placement is an empty object, the placement will match all nodes and tolerate nothing.",
                    "properties": {
                      "nodeSelector": {
                        "additionalProperties": {
                          "type": "string"
                        },
                        "description": "NodeSelector defines which Nodes the Pods are scheduled on. The default is an empty list.",
                        "type": "object"
                      },
                      "tolerations": {
                        "description": "Tolerations is attached by pods to tolerate any taint that matches the triple <key,value,effect> using the matching operator <operator>. The default is an empty list.",
                        "items": {
                          "description": "The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.",
                          "properties": {
                            "effect": {
                              "description": "Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.",
                              "type": "string"
                            },
                            "key": {
                              "description": "Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.",
                              "type": "string"
                            },
                            "operator": {
                              "description": "Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.",
                              "type": "string"
                            },
                            "tolerationSeconds": {
                              "description": "TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.",
                              "format": "int64",
                              "type": "integer"
                            },
                            "value": {
                              "description": "Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.",
                              "type": "string"
                            }
                          },
                          "type": "object"
                        },
                        "type": "array"
                      }
                    },
                    "type": "object"
                  },
                  "pullSecret": {
                    "description": "PullSecret is the name of image pull secret.",
                    "properties": {
                      "apiVersion": {
                        "description": "API version of the referent.",
                        "type": "string"
                      },
                      "fieldPath": {
                        "description": "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
                        "type": "string"
                      },
                      "kind": {
                        "description": "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
                        "type": "string"
                      },
                      "name": {
                        "description": "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
                        "type": "string"
                      },
                      "namespace": {
                        "description": "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/",
                        "type": "string"
                      },
                      "resourceVersion": {
                        "description": "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency",
                        "type": "string"
                      },
                      "uid": {
                        "description": "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids",
                        "type": "string"
                      }
                    },
                    "type": "object"
                  },
                  "registries": {
                    "description": "Registries includes the mirror and source registries. The source registry will be replaced by the Mirror.",
                    "items": {
                      "properties": {
                        "mirror": {
                          "description": "Mirror is the mirrored registry of the Source. Will be ignored if Mirror is empty.",
                          "type": "string"
                        },
                        "source": {
                          "description": "Source is the source registry. All image registries will be replaced by Mirror if Source is empty.",
                          "type": "string"
                        }
                      },
                      "required": [
                        "mirror"
                      ],
                      "type": "object"
                    },
                    "type": "array"
                  }
                },
                "type": "object"
              },
              "status": {
                "description": "Status defines the observed state of KlusterletConfig",
                "type": "object"
              }
            },
            "type": "object"
          }
        },
        "served": true,
        "storage": true,
        "subresources": {
          "status": {}
        }
      }
    ]
  },
  "status": {
    "acceptedNames": {
      "kind": "",
      "plural": ""
    },
    "conditions": [],
    "storedVersions": []
  }
}
1.23.2.3. Query a single KlusterletConfig
GET /config.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}
1.23.2.3.1. Description

Query a single KlusterletConfig for more details.

1.23.2.3.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

klusterletconfig_name
required

Name of the KlusterletConfig that you want to query.

string

1.23.2.3.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.23.2.3.4. Tags
  • config.open-cluster-management.io
1.23.2.4. Delete a KlusterletConfig
DELETE /addon.open-cluster-management.io/v1alpha1/namespaces/{namespace}/klusterletconfigs/{klusterletconfig_name}
1.23.2.4.1. Description

Delete a single klusterletconfig.

1.23.2.4.2. Parameters
TypeNameDescriptionSchema

Header

COOKIE
required

Authorization: Bearer {ACCESS_TOKEN} ; ACCESS_TOKEN is the user access token.

string

Path

klusterletconfig_name
required

Name of the KlusterletConfig that you want to delete.

string

1.23.2.4.3. Responses
HTTP CodeDescriptionSchema

200

Success

No Content

403

Access forbidden

No Content

404

Resource not found

No Content

500

Internal service error

No Content

503

Service unavailable

No Content

1.23.2.4.4. Tags
  • config.open-cluster-management.io

1.23.3. Definitions

1.23.3.1. KlusterletConfig
NameDescriptionSchema

apiVersion
required

Versioned schema of the KlusterletConfig.

string

kind
required

String value that represents the REST resource.

string

metadata
required

Metadata of the KlusterletConfig.

object

spec
required

Specification of the KlusterletConfig.

spec

spec

NameDescriptionSchema

registries
optional

Includes the mirror and source registries. The source registry is replaced by the mirror.

registry

pullSecret
optional

The name of image pull secret.

object

nodePlacement
required

Enables scheduling control of add-on agents on the managed cluster.

nodePlacement

hubKubeAPIServerProxyConfig
required

Contains proxy settings for the connections between the klusterlet or add-on agents on the managed cluster and the kube-apiserver on the hub cluster. Empty means no proxy setting is available.

kubeAPIServerProxyConfig

nodePlacement

NameDescriptionSchema

nodeSelector
optional

Define which nodes the pods are scheduled to run on. When the nodeSelector is empty, the nodeSelector selects all nodes.

map[string]string

tolerations
optional

Applied to pods and used to schedule pods to any taint that matches the <key,value,effect> toleration using the matching operator (<operator>).

[]corev1.Toleration

kubeAPIServerProxyConfig

NameDescriptionSchema

caBundle
optional

A CA certificate bundle to verify the proxy server. The bundle is ignored if only HTTPProxy is set. The bundle is required when HTTPSProxy is set and a self signed CA certificate is used by the proxy server.

map[string]string

httpProxy
optional

The URL of the proxy for HTTP requests

map[string]string

httpsProxy
optional

The URL of the proxy for HTTPS requests. HTTPSProxy is chosen if both HTTPProxy and HTTPSProxy are set.

map[string]string

1.24. Policy compliance history (Technology Preview) (Deprecated)

1.24.1. Overview

The policy compliance history API is an optional technical preview feature if you want long-term storage of Red Hat Advanced Cluster Management for Kubernetes policy compliance events in a queryable format. You can use the API to get additional details such as the spec field to audit and troubleshoot your policy, and get compliance events when a policy is disabled or removed from a cluster. The policy compliance history API can also generate a comma-separated values (CSV) spreadsheet of policy compliance events to help you with auditing and troubleshooting.

1.24.1.1. Version information

Version : 2.12.0

1.24.2. API Endpoints

1.24.2.1. Listing policy compliance events

/api/v1/compliance-events

This lists all policy compliance events that you have access to by default. The response format is as follows and is sorted by event.timestamp in descending order by default:

{
  "data": [
    {
      "id": 2,
      "cluster": {
        "name": "cluster1",
        "cluster_id": "215ce184-8dee-4cab-b99b-1f8f29dff611"
      },
      "parent_policy": {
        "id": 3,
        "name": "configure-custom-app",
        "namespace": "policies",
        "catageories": ["CM Configuration Management"],
        "controls": ["CM-2 Baseline Configuration"],
        "standards": ["NIST SP 800-53"]
      },
      "policy": {
        "apiGroup": "policy.open-cluster-management.io",
        "id": 2,
        "kind": "ConfigurationPolicy",
        "name": "configure-custom-app",
        "namespace": "",
        // Only shown with `?include_spec`
        "spec": {}
      },
      "event": {
        "compliance": "NonCompliant",
        "message": "configmaps [app-data] not found in namespace default",
        "timestamp": "2023-07-19T18:25:43.511Z",
        "metadata": {}
      }
    },
    {
      "id": 1,
      "cluster": {
        "name": "cluster2",
        "cluster_id": "415ce234-8dee-4cab-b99b-1f8f29dff461"
      },
      "parent_policy": {
        "id": 3,
        "name": "configure-custom-app",
        "namespace": "policies",
        "catageories": ["CM Configuration Management"],
        "controls": ["CM-2 Baseline Configuration"],
        "standards": ["NIST SP 800-53"]
      },
      "policy": {
        "apiGroup": "policy.open-cluster-management.io",
        "id": 4,
        "kind": "ConfigurationPolicy",
        "name": "configure-custom-app",
        "namespace": "",
        // Only shown with `?include_spec`
        "spec": {}
      },
      "event": {
        "compliance": "Compliant",
        "message": "configmaps [app-data] found as specified in namespace default",
        "timestamp": "2023-07-19T18:25:41.523Z",
        "metadata": {}
      }
    }
  ],
  "metadata": {
    "page": 1,
    "pages": 7,
    "per_page": 20,
    "total": 123
  }
}

The following optional query parameters are accepted. Notice that those without descriptions just filter on the field it references. The parameter value null represents no value. Additionally, multiple values can be specified with commas. For example, ?cluster.name=cluster1,cluster2 for "or" filtering. Commas can be escaped with \, if necessary.

Table 1.1. Table of query parameters
Query argumentDescription

cluster.cluster_id

 

cluster.name

 

direction

The direction to sort by. This defaults to desc, which represents descending order. The supported values are asc and desc.

event.compliance

 

event.message_includes

A filter for compliance messages that include the input string. Only a single value is supported.

event.message_like

A SQL LIKE filter for compliance messages. The percent sign (%) represents a wildcard of zero or more characters. The underscore sign (_) represents a wildcard of a single character. For example %configmaps [%my-configmap%]% matches any configuration policy compliance message that refers to the config map my-configmap.

event.reported_by

 

event.timestamp

 

event.timestamp_after

An RFC 3339 timestamp to indicate only compliance events after this time should be shown. For example, 2024-02-28T16:32:57Z.

event.timestamp_before

An RFC 3339 timestamp to indicate only compliance events before this time should be shown. For example, 2024-02-28T16:32:57Z.

id

 

include_spec

A flag to include the spec field of the policy in the return value. This is not set by default.

page

The page number in the query. This defaults to 1.

parent_policy.categories

 

parent_policy.controls

 

parent_policy.id

 

parent_policy.name

 

parent_policy.namespace

 

parent_policy.standards

 

per_page

The number of compliance events returned per page. This defaults to 20 and cannot be larger than 100.

policy.apiGroup

 

policy.id

 

policy.kind

 

policy.name

 

policy.namespace

 

policy.severity

 

sort

The field to sort by. This defaults to event.timestamp. All fields except policy.spec and event.metadata are sortable by using dot notation. To specify multiple sort options, use commas such as ?sort=policy.name,policy.namespace.

1.24.2.2. Selecting a single policy compliance event

/api/v1/compliance-events/<id>

You can select a single policy compliance event by specifying its database ID. For example, /api/v1/compliance-events/1 selects the compliance event with the ID of 1. The format of the return value is the following JSON:

{
  "id": 1,
  "cluster": {
    "name": "cluster2",
    "cluster_id": "415ce234-8dee-4cab-b99b-1f8f29dff461"
  },
  "parent_policy": {
    "id": 2,
    "name": "etcd-encryption",
    "namespace": "policies",
    "catageories": ["CM Configuration Management"],
    "controls": ["CM-2 Baseline Configuration"],
    "standards": ["NIST SP 800-53"]
  },
  "policy": {
    "apiGroup": "policy.open-cluster-management.io",
    "id": 4,
    "kind": "ConfigurationPolicy",
    "name": "etcd-encryption",
    "namespace": "",
    "spec": {}
  },
  "event": {
    "compliance": "Compliant",
    "message": "configmaps [app-data] found as specified in namespace default",
    "timestamp": "2023-07-19T18:25:41.523Z",
    "metadata": {}
  }
}
1.24.2.3. Generating a spreadsheet

/api/v1/reports/compliance-events

You can generate a comma separated value (CSV) spreadsheet of compliance events for auditing and troubleshooting. It outputs the same and accepts the same query arguments as the /api/v1/compliance-events API endpoint. By default there is no per_page limitation set and there is no maximum for the per_page query argument. All the CSV headers are the same as the /api/v1/compliance-events API endpoint with underscores separating JSON objects. For example, the event timestamp has a header of event_timestamp.

1.24.3. Authentication and Authorization

The policy compliance history API utilizes the OpenShift instance used by the Red Hat Advanced Cluster Management hub cluster for authentication and authorization. You must provide your OpenShift token in the Authorization header of the HTTPS request.

To find your token, run the following command:

oc whoami --show-token
1.24.3.1. Viewing compliance events

To view the compliance events for a managed cluster, you need access to complete the get verb for the ManagedCluster object on the Red Hat Advanced Cluster Management hub cluster. For example, to view the compliance events of the local-cluster cluster, you might use the open-cluster-management:view:local-cluster ClusterRole or create your own resource as the following example:

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
 name: local-cluster-view
rules:
- apiGroups:
 - cluster.open-cluster-management.io
 resources:
 - managedclusters
 resourceNames:
 - local-cluster
 verbs:
 - get

To verify your access to a particular managed cluster, use the oc auth can-i command. For example, to check if you have access to the local-cluster managed cluster, run the following command:

oc auth can-i get managedclusters.cluster.open-cluster-management.io/local-cluster
1.24.3.2. Recording a compliance event

Users or service accounts with patch verb access in the policies.policy.open-cluster-management.io/status resource in the corresponding managed cluster namespace have access to record policy compliance events. The governance-policy-framework pod on managed clusters utilizes the open-cluster-management-compliance-history-api-recorder service account in the corresponding managed cluster namespace on the Red Hat Advanced Cluster Management hub cluster to record compliance events. Each service account has the open-cluster-management:compliance-history-api-recorder ClusterRole bound to the managed cluster namespace. Restrict user and service account patch verb access to the policy status to ensure the trustworthiness of the data stored in the policy compliance history API.

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.