Chapter 5. Extension APIs


5.1. API Extensions APIs

5.1.1. CustomResourceDefinition [apiextensions.k8s.io/v1]

Description
CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>.
Type
object

5.2. CustomResourceDefinition [apiextensions.k8s.io/v1]

Description
CustomResourceDefinition represents a resource that should be exposed on the API server. Its name MUST be in the format <.spec.name>.<.spec.group>.
Type
object
Required
  • spec

5.2.1. Specification

PropertyTypeDescription

apiVersion

string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind

string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata

ObjectMeta

Standard object’s metadata More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

spec

object

CustomResourceDefinitionSpec describes how a user wants their resource to appear

status

object

CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition

5.2.1.1. .spec

Description
CustomResourceDefinitionSpec describes how a user wants their resource to appear
Type
object
Required
  • group
  • names
  • scope
  • versions
PropertyTypeDescription

conversion

object

CustomResourceConversion describes how to convert different versions of a CR.

group

string

group is the API group of the defined custom resource. The custom resources are served under /apis/<group>/…​. Must match the name of the CustomResourceDefinition (in the form <names.plural>.<group>).

names

object

CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition

preserveUnknownFields

boolean

preserveUnknownFields indicates that object fields which are not specified in the OpenAPI schema should be preserved when persisting to storage. apiVersion, kind, metadata and known fields inside metadata are always preserved. This field is deprecated in favor of setting x-preserve-unknown-fields to true in spec.versions[*].schema.openAPIV3Schema. See https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#field-pruning for details.

scope

string

scope indicates whether the defined custom resource is cluster- or namespace-scoped. Allowed values are Cluster and Namespaced.

versions

array

versions is the list of all API versions of the defined custom resource. Version names are used to compute the order in which served versions are listed in API discovery. If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version), then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.

versions[]

object

CustomResourceDefinitionVersion describes a version for CRD.

5.2.1.2. .spec.conversion

Description
CustomResourceConversion describes how to convert different versions of a CR.
Type
object
Required
  • strategy
PropertyTypeDescription

strategy

string

strategy specifies how custom resources are converted between versions. Allowed values are: - "None": The converter only change the apiVersion and would not touch any other field in the custom resource. - "Webhook": API Server will call to an external webhook to do the conversion. Additional information is needed for this option. This requires spec.preserveUnknownFields to be false, and spec.conversion.webhook to be set.

webhook

object

WebhookConversion describes how to call a conversion webhook

5.2.1.3. .spec.conversion.webhook

Description
WebhookConversion describes how to call a conversion webhook
Type
object
Required
  • conversionReviewVersions
PropertyTypeDescription

clientConfig

object

WebhookClientConfig contains the information to make a TLS connection with the webhook.

conversionReviewVersions

array (string)

conversionReviewVersions is an ordered list of preferred ConversionReview versions the Webhook expects. The API server will use the first version in the list which it supports. If none of the versions specified in this list are supported by API server, conversion will fail for the custom resource. If a persisted Webhook configuration specifies allowed versions and does not include any versions known to the API Server, calls to the webhook will fail.

5.2.1.4. .spec.conversion.webhook.clientConfig

Description
WebhookClientConfig contains the information to make a TLS connection with the webhook.
Type
object
PropertyTypeDescription

caBundle

string

caBundle is a PEM encoded CA bundle which will be used to validate the webhook’s server certificate. If unspecified, system trust roots on the apiserver are used.

service

object

ServiceReference holds a reference to Service.legacy.k8s.io

url

string

url gives the location of the webhook, in standard URL form (scheme://host:port/path). Exactly one of url or service must be specified.

The host should not refer to a service running in the cluster; use the service field instead. The host might be resolved via external DNS in some apiservers (e.g., kube-apiserver cannot resolve in-cluster DNS as that would be a layering violation). host may also be an IP address.

Please note that using localhost or 127.0.0.1 as a host is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.

The scheme must be "https"; the URL must begin with "https://".

A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.

Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#…​") and query parameters ("?…​") are not allowed, either.

5.2.1.5. .spec.conversion.webhook.clientConfig.service

Description
ServiceReference holds a reference to Service.legacy.k8s.io
Type
object
Required
  • namespace
  • name
PropertyTypeDescription

name

string

name is the name of the service. Required

namespace

string

namespace is the namespace of the service. Required

path

string

path is an optional URL path at which the webhook will be contacted.

port

integer

port is an optional service port at which the webhook will be contacted. port should be a valid port number (1-65535, inclusive). Defaults to 443 for backward compatibility.

5.2.1.6. .spec.names

Description
CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
Type
object
Required
  • plural
  • kind
PropertyTypeDescription

categories

array (string)

categories is a list of grouped resources this custom resource belongs to (e.g. 'all'). This is published in API discovery documents, and used by clients to support invocations like kubectl get all.

kind

string

kind is the serialized kind of the resource. It is normally CamelCase and singular. Custom resource instances will use this value as the kind attribute in API calls.

listKind

string

listKind is the serialized kind of the list for this resource. Defaults to "`kind`List".

plural

string

plural is the plural name of the resource to serve. The custom resources are served under /apis/<group>/<version>/…​/<plural>. Must match the name of the CustomResourceDefinition (in the form <names.plural>.<group>). Must be all lowercase.

shortNames

array (string)

shortNames are short names for the resource, exposed in API discovery documents, and used by clients to support invocations like kubectl get <shortname>. It must be all lowercase.

singular

string

singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased kind.

5.2.1.7. .spec.versions

Description
versions is the list of all API versions of the defined custom resource. Version names are used to compute the order in which served versions are listed in API discovery. If the version string is "kube-like", it will sort above non "kube-like" version strings, which are ordered lexicographically. "Kube-like" versions start with a "v", then are followed by a number (the major version), then optionally the string "alpha" or "beta" and another number (the minor version). These are sorted first by GA > beta > alpha (where GA is a version with no suffix such as beta or alpha), and then by comparing major version, then minor version. An example sorted list of versions: v10, v2, v1, v11beta2, v10beta3, v3beta1, v12alpha1, v11alpha2, foo1, foo10.
Type
array

5.2.1.8. .spec.versions[]

Description
CustomResourceDefinitionVersion describes a version for CRD.
Type
object
Required
  • name
  • served
  • storage
PropertyTypeDescription

additionalPrinterColumns

array

additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. If no columns are specified, a single column displaying the age of the custom resource is used.

additionalPrinterColumns[]

object

CustomResourceColumnDefinition specifies a column for server side printing.

deprecated

boolean

deprecated indicates this version of the custom resource API is deprecated. When set to true, API requests to this version receive a warning header in the server response. Defaults to false.

deprecationWarning

string

deprecationWarning overrides the default warning returned to API clients. May only be set when deprecated is true. The default warning indicates this version is deprecated and recommends use of the newest served version of equal or greater stability, if one exists.

name

string

name is the version name, e.g. “v1”, “v2beta1”, etc. The custom resources are served under this version at /apis/<group>/<version>/…​ if served is true.

schema

object

CustomResourceValidation is a list of validation methods for CustomResources.

served

boolean

served is a flag enabling/disabling this version from being served via REST APIs

storage

boolean

storage indicates this version should be used when persisting custom resources to storage. There must be exactly one version with storage=true.

subresources

object

CustomResourceSubresources defines the status and scale subresources for CustomResources.

5.2.1.9. .spec.versions[].additionalPrinterColumns

Description
additionalPrinterColumns specifies additional columns returned in Table output. See https://kubernetes.io/docs/reference/using-api/api-concepts/#receiving-resources-as-tables for details. If no columns are specified, a single column displaying the age of the custom resource is used.
Type
array

5.2.1.10. .spec.versions[].additionalPrinterColumns[]

Description
CustomResourceColumnDefinition specifies a column for server side printing.
Type
object
Required
  • name
  • type
  • jsonPath
PropertyTypeDescription

description

string

description is a human readable description of this column.

format

string

format is an optional OpenAPI type definition for this column. The 'name' format is applied to the primary identifier column to assist in clients identifying column is the resource name. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

jsonPath

string

jsonPath is a simple JSON path (i.e. with array notation) which is evaluated against each custom resource to produce the value for this column.

name

string

name is a human readable name for the column.

priority

integer

priority is an integer defining the relative importance of this column compared to others. Lower numbers are considered higher priority. Columns that may be omitted in limited space scenarios should be given a priority greater than 0.

type

string

type is an OpenAPI type definition for this column. See https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#data-types for details.

5.2.1.11. .spec.versions[].schema

Description
CustomResourceValidation is a list of validation methods for CustomResources.
Type
object
PropertyTypeDescription

openAPIV3Schema

JSONSchemaProps

openAPIV3Schema is the OpenAPI v3 schema to use for validation and pruning.

5.2.1.12. .spec.versions[].subresources

Description
CustomResourceSubresources defines the status and scale subresources for CustomResources.
Type
object
PropertyTypeDescription

scale

object

CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.

status

object

CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the .status JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza

5.2.1.13. .spec.versions[].subresources.scale

Description
CustomResourceSubresourceScale defines how to serve the scale subresource for CustomResources.
Type
object
Required
  • specReplicasPath
  • statusReplicasPath
PropertyTypeDescription

labelSelectorPath

string

labelSelectorPath defines the JSON path inside of a custom resource that corresponds to Scale status.selector. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status or .spec. Must be set to work with HorizontalPodAutoscaler. The field pointed by this JSON path must be a string field (not a complex selector struct) which contains a serialized label selector in string form. More info: https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions#scale-subresource If there is no value under the given path in the custom resource, the status.selector value in the /scale subresource will default to the empty string.

specReplicasPath

string

specReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale spec.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .spec. If there is no value under the given path in the custom resource, the /scale subresource will return an error on GET.

statusReplicasPath

string

statusReplicasPath defines the JSON path inside of a custom resource that corresponds to Scale status.replicas. Only JSON paths without the array notation are allowed. Must be a JSON Path under .status. If there is no value under the given path in the custom resource, the status.replicas value in the /scale subresource will default to 0.

5.2.1.14. .spec.versions[].subresources.status

Description
CustomResourceSubresourceStatus defines how to serve the status subresource for CustomResources. Status is represented by the .status JSON path inside of a CustomResource. When set, * exposes a /status subresource for the custom resource * PUT requests to the /status subresource take a custom resource object, and ignore changes to anything except the status stanza * PUT/POST/PATCH requests to the custom resource ignore changes to the status stanza
Type
object

5.2.1.15. .status

Description
CustomResourceDefinitionStatus indicates the state of the CustomResourceDefinition
Type
object
PropertyTypeDescription

acceptedNames

object

CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition

conditions

array

conditions indicate state for particular aspects of a CustomResourceDefinition

conditions[]

object

CustomResourceDefinitionCondition contains details for the current condition of this pod.

storedVersions

array (string)

storedVersions lists all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so a migration controller can finish a migration to another version (ensuring no old objects are left in storage), and then remove the rest of the versions from this list. Versions may not be removed from spec.versions while they exist in this list.

5.2.1.16. .status.acceptedNames

Description
CustomResourceDefinitionNames indicates the names to serve this CustomResourceDefinition
Type
object
Required
  • plural
  • kind
PropertyTypeDescription

categories

array (string)

categories is a list of grouped resources this custom resource belongs to (e.g. 'all'). This is published in API discovery documents, and used by clients to support invocations like kubectl get all.

kind

string

kind is the serialized kind of the resource. It is normally CamelCase and singular. Custom resource instances will use this value as the kind attribute in API calls.

listKind

string

listKind is the serialized kind of the list for this resource. Defaults to "`kind`List".

plural

string

plural is the plural name of the resource to serve. The custom resources are served under /apis/<group>/<version>/…​/<plural>. Must match the name of the CustomResourceDefinition (in the form <names.plural>.<group>). Must be all lowercase.

shortNames

array (string)

shortNames are short names for the resource, exposed in API discovery documents, and used by clients to support invocations like kubectl get <shortname>. It must be all lowercase.

singular

string

singular is the singular name of the resource. It must be all lowercase. Defaults to lowercased kind.

5.2.1.17. .status.conditions

Description
conditions indicate state for particular aspects of a CustomResourceDefinition
Type
array

5.2.1.18. .status.conditions[]

Description
CustomResourceDefinitionCondition contains details for the current condition of this pod.
Type
object
Required
  • type
  • status
PropertyTypeDescription

lastTransitionTime

Time

lastTransitionTime last time the condition transitioned from one status to another.

message

string

message is a human-readable message indicating details about last transition.

reason

string

reason is a unique, one-word, CamelCase reason for the condition’s last transition.

status

string

status is the status of the condition. Can be True, False, Unknown.

type

string

type is the type of the condition. Types include Established, NamesAccepted and Terminating.

5.2.2. API endpoints

The following API endpoints are available:

  • /apis/apiextensions.k8s.io/v1/customresourcedefinitions

    • DELETE: delete collection of CustomResourceDefinition
    • GET: list or watch objects of kind CustomResourceDefinition
    • POST: create a CustomResourceDefinition
  • /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions

    • GET: watch individual changes to a list of CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead.
  • /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}

    • DELETE: delete a CustomResourceDefinition
    • GET: read the specified CustomResourceDefinition
    • PATCH: partially update the specified CustomResourceDefinition
    • PUT: replace the specified CustomResourceDefinition
  • /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions/{name}

    • GET: watch changes to an object of kind CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
  • /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}/status

    • GET: read status of the specified CustomResourceDefinition
    • PATCH: partially update status of the specified CustomResourceDefinition
    • PUT: replace status of the specified CustomResourceDefinition

5.2.2.1. /apis/apiextensions.k8s.io/v1/customresourcedefinitions

Table 5.1. Global query parameters
ParameterTypeDescription

pretty

string

If 'true', then the output is pretty printed.

HTTP method
DELETE
Description
delete collection of CustomResourceDefinition
Table 5.2. Query parameters
ParameterTypeDescription

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

gracePeriodSeconds

integer

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

orphanDependents

boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy

string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

resourceVersion

string

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch

string

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents

boolean

`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan is interpreted as "data at least as new as the provided `resourceVersion`" and the bookmark event is send when the state is synced to a `resourceVersion` at least as fresh as the one provided by the ListOptions. If `resourceVersion` is unset, this is interpreted as "consistent read" and the bookmark event is send when the state is synced at least to the moment when request started being processed. - `resourceVersionMatch` set to any other value or unset Invalid error is returned.

Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

Table 5.3. Body parameters
ParameterTypeDescription

body

DeleteOptions schema

 
Table 5.4. HTTP responses
HTTP codeReponse body

200 - OK

Status schema

401 - Unauthorized

Empty

HTTP method
GET
Description
list or watch objects of kind CustomResourceDefinition
Table 5.5. Query parameters
ParameterTypeDescription

allowWatchBookmarks

boolean

allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

resourceVersion

string

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch

string

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents

boolean

`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan is interpreted as "data at least as new as the provided `resourceVersion`" and the bookmark event is send when the state is synced to a `resourceVersion` at least as fresh as the one provided by the ListOptions. If `resourceVersion` is unset, this is interpreted as "consistent read" and the bookmark event is send when the state is synced at least to the moment when request started being processed. - `resourceVersionMatch` set to any other value or unset Invalid error is returned.

Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch

boolean

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

Table 5.6. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinitionList schema

401 - Unauthorized

Empty

HTTP method
POST
Description
create a CustomResourceDefinition
Table 5.7. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

string

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation

string

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.8. Body parameters
ParameterTypeDescription

body

CustomResourceDefinition schema

 
Table 5.9. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

201 - Created

CustomResourceDefinition schema

202 - Accepted

CustomResourceDefinition schema

401 - Unauthorized

Empty

5.2.2.2. /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions

Table 5.10. Global query parameters
ParameterTypeDescription

allowWatchBookmarks

boolean

allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty

string

If 'true', then the output is pretty printed.

resourceVersion

string

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch

string

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents

boolean

`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan is interpreted as "data at least as new as the provided `resourceVersion`" and the bookmark event is send when the state is synced to a `resourceVersion` at least as fresh as the one provided by the ListOptions. If `resourceVersion` is unset, this is interpreted as "consistent read" and the bookmark event is send when the state is synced at least to the moment when request started being processed. - `resourceVersionMatch` set to any other value or unset Invalid error is returned.

Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch

boolean

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method
GET
Description
watch individual changes to a list of CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead.
Table 5.11. HTTP responses
HTTP codeReponse body

200 - OK

WatchEvent schema

401 - Unauthorized

Empty

5.2.2.3. /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}

Table 5.12. Global path parameters
ParameterTypeDescription

name

string

name of the CustomResourceDefinition

Table 5.13. Global query parameters
ParameterTypeDescription

pretty

string

If 'true', then the output is pretty printed.

HTTP method
DELETE
Description
delete a CustomResourceDefinition
Table 5.14. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

gracePeriodSeconds

integer

The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately.

orphanDependents

boolean

Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both.

propagationPolicy

string

Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground.

Table 5.15. Body parameters
ParameterTypeDescription

body

DeleteOptions schema

 
Table 5.16. HTTP responses
HTTP codeReponse body

200 - OK

Status schema

202 - Accepted

Status schema

401 - Unauthorized

Empty

HTTP method
GET
Description
read the specified CustomResourceDefinition
Table 5.17. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

401 - Unauthorized

Empty

HTTP method
PATCH
Description
partially update the specified CustomResourceDefinition
Table 5.18. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

string

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation

string

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force

boolean

Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 5.19. Body parameters
ParameterTypeDescription

body

Patch schema

 
Table 5.20. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

201 - Created

CustomResourceDefinition schema

401 - Unauthorized

Empty

HTTP method
PUT
Description
replace the specified CustomResourceDefinition
Table 5.21. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

string

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation

string

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.22. Body parameters
ParameterTypeDescription

body

CustomResourceDefinition schema

 
Table 5.23. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

201 - Created

CustomResourceDefinition schema

401 - Unauthorized

Empty

5.2.2.4. /apis/apiextensions.k8s.io/v1/watch/customresourcedefinitions/{name}

Table 5.24. Global path parameters
ParameterTypeDescription

name

string

name of the CustomResourceDefinition

Table 5.25. Global query parameters
ParameterTypeDescription

allowWatchBookmarks

boolean

allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored.

continue

string

The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key".

This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications.

fieldSelector

string

A selector to restrict the list of returned objects by their fields. Defaults to everything.

labelSelector

string

A selector to restrict the list of returned objects by their labels. Defaults to everything.

limit

integer

limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true.

The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned.

pretty

string

If 'true', then the output is pretty printed.

resourceVersion

string

resourceVersion sets a constraint on what resource versions a request may be served from. See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

resourceVersionMatch

string

resourceVersionMatch determines how resourceVersion is applied to list calls. It is highly recommended that resourceVersionMatch be set for list calls where resourceVersion is set See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for details.

Defaults to unset

sendInitialEvents

boolean

`sendInitialEvents=true` may be set together with `watch=true`. In that case, the watch stream will begin with synthetic events to produce the current state of objects in the collection. Once all such events have been sent, a synthetic "Bookmark" event will be sent. The bookmark will report the ResourceVersion (RV) corresponding to the set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation. Afterwards, the watch stream will proceed as usual, sending watch events corresponding to changes (subsequent to the RV) to objects watched.

When `sendInitialEvents` option is set, we require `resourceVersionMatch` option to also be set. The semantic of the watch request is as following: - `resourceVersionMatch` = NotOlderThan is interpreted as "data at least as new as the provided `resourceVersion`" and the bookmark event is send when the state is synced to a `resourceVersion` at least as fresh as the one provided by the ListOptions. If `resourceVersion` is unset, this is interpreted as "consistent read" and the bookmark event is send when the state is synced at least to the moment when request started being processed. - `resourceVersionMatch` set to any other value or unset Invalid error is returned.

Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward compatibility reasons) and to false otherwise.

timeoutSeconds

integer

Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity.

watch

boolean

Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion.

HTTP method
GET
Description
watch changes to an object of kind CustomResourceDefinition. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
Table 5.26. HTTP responses
HTTP codeReponse body

200 - OK

WatchEvent schema

401 - Unauthorized

Empty

5.2.2.5. /apis/apiextensions.k8s.io/v1/customresourcedefinitions/{name}/status

Table 5.27. Global path parameters
ParameterTypeDescription

name

string

name of the CustomResourceDefinition

Table 5.28. Global query parameters
ParameterTypeDescription

pretty

string

If 'true', then the output is pretty printed.

HTTP method
GET
Description
read status of the specified CustomResourceDefinition
Table 5.29. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

401 - Unauthorized

Empty

HTTP method
PATCH
Description
partially update status of the specified CustomResourceDefinition
Table 5.30. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

string

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).

fieldValidation

string

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

force

boolean

Force is going to "force" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.

Table 5.31. Body parameters
ParameterTypeDescription

body

Patch schema

 
Table 5.32. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

201 - Created

CustomResourceDefinition schema

401 - Unauthorized

Empty

HTTP method
PUT
Description
replace status of the specified CustomResourceDefinition
Table 5.33. Query parameters
ParameterTypeDescription

dryRun

string

When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

fieldManager

string

fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.

fieldValidation

string

fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.34. Body parameters
ParameterTypeDescription

body

CustomResourceDefinition schema

 
Table 5.35. HTTP responses
HTTP codeReponse body

200 - OK

CustomResourceDefinition schema

201 - Created

CustomResourceDefinition schema

401 - Unauthorized

Empty

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.