modulepackage
2.12.1
Repository: https://github.com/cdk8s-team/cdk8s-plus-go.git
Documentation: pkg.go.dev
# README
cdk8s+ (cdk8s-plus)
High level constructs for Kubernetes
| k8s version | npm (JS/TS) | PyPI (Python) | Maven (Java) | Go |
|---|---|---|---|---|
| 1.22.0 | Link | Link | Link | Link |
| 1.23.0 | Link | Link | Link | Link |
| 1.24.0 | Link | Link | Link | Link |
cdk8s+ is a software development framework that provides high level abstractions for authoring Kubernetes applications. Built on top of the auto generated building blocks provided by cdk8s, this library includes a hand crafted construct for each native kubernetes object, exposing richer API's with reduced complexity.
:books: Documentation
See cdk8s.io.
:raised_hand: Contributing
If you'd like to add a new feature or fix a bug, please visit CONTRIBUTING.md!
:balance_scale: License
This project is distributed under the Apache License, Version 2.0.
This module is part of the cdk8s project.
# Functions
Checks if `x` is a construct.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
API resource information for a custom resource type.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Imports a pv from the cluster as a reference.
Checks if `x` is a construct.
Imports a pv from the cluster as a reference.
Checks if `x` is a construct.
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Imports a role from the cluster as a reference.
Checks if `x` is a construct.
Checks if `x` is a construct.
Represents a ConfigMap created elsewhere.
Checks if `x` is a construct.
No description provided by the author
No description provided by the author
Checks if `x` is a construct.
Checks if `x` is a construct.
Checks if `x` is a construct.
All existing Pods are killed before new ones are created.
No description provided by the author
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Selects a ConfigMap to populate the environment variables with.
Selects a Secret to populate the environment variables with.
Create a value by reading a specific key inside a config map.
Create a value from a field reference.
Create a value from a key in the current process environment.
Create a value from a resource.
Defines an environment value from a secret JSON value.
Create a value from the given argument.
Imports a pv from the cluster as a reference.
Checks if `x` is a construct.
Reference a group by name.
Checks if `x` is a construct.
Defines a handler based on a command which is executed within the container.
Defines a handler based on an HTTP GET request to the IP address of the container.
Defines a handler based opening a connection to a TCP socket on the container.
Checks if `x` is a construct.
Checks if `x` is a construct.
A Resource backend is an ObjectRef to another Kubernetes resource within the same namespace as the Ingress object.
A Kubernetes `Service` to use as the backend for this path.
Checks if `x` is a construct.
Requires label `key` to not exist.
Requires label `key` to exist.
Requires value of label `key` to be one of `values`.
Requires value of label `key` to be none of `values`.
No description provided by the author
Metric that tracks the CPU of a container.
Metric that tracks the local ephemeral storage of a container.
Metric that tracks the Memory of a container.
Metric that tracks the volume size of a container.
A global metric that is not associated with any Kubernetes object.
Metric that describes a metric of a kubernetes object.
A pod metric that will be averaged across all pods of the current scale target.
Tracks the available CPU of the pods in a target.
Tracks the available Ephemeral Storage of the pods in a target.
Tracks the available Memory of the pods in a target.
Tracks the available Storage of the pods in a target.
Target a percentage value across all relevant pods.
Target the average value across all relevant pods.
Target a specific target value.
Checks if `x` is a construct.
No description provided by the author
Select all namespaces.
Checks if `x` is a construct.
Select specific namespaces.
Checks if `x` is a construct.
Any IPv4 address.
Any IPv6 address.
Create an IPv4 peer from a CIDR.
Create an IPv6 peer from a CIDR.
Checks if `x` is a construct.
Any TCP traffic.
Any UDP traffic.
Custom port configuration.
Distinct TCP ports.
A TCP port range.
Distinct UDP ports.
A UDP port range.
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
No description provided by the author
Match a node by its labels.
Match a node by its name.
Match a node by its taints.
Requires label `key` to not exist.
Requires label `key` to exist.
Requires value of label `key` to greater than all elements in `values`.
Requires value of label `key` to be one of `values`.
Requires value of label `key` to equal `value`.
Requires value of label `key` to less than all elements in `values`.
Requires value of label `key` to be none of `values`.
Matches any taint.
Matches a tain with any value of a specific key.
Matches a taint with a specific key and value.
No description provided by the author
Absolute number.
Percent ratio.
Imports a pv from the cluster as a reference.
Checks if `x` is a construct.
Imports a pvc from the cluster as a reference.
Checks if `x` is a construct.
No description provided by the author
Checks if `x` is a construct.
Select all pods.
Checks if `x` is a construct.
Select pods in the cluster with various selectors.
Defines a probe based on a command which is executed within the container.
Defines a probe based on an HTTP GET request to the IP address of the container.
Defines a probe based opening a connection to a TCP socket on the container.
Changes the pods by a percentage of the it's current value.
Changes the pods by a percentage of the it's current value.
Checks if `x` is a construct.
Imports a role from the cluster as a reference.
Checks if `x` is a construct.
Checks if `x` is a construct.
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Checks if `x` is a construct.
Imports a service account from the cluster as a reference.
Checks if `x` is a construct.
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Checks if `x` is a construct.
The controller will not automatically update the Pods in a StatefulSet.
The controller will delete and recreate each Pod in the StatefulSet.
Imports a secret from the cluster as a reference.
Checks if `x` is a construct.
Custom key for the node label that the system uses to denote the topology domain.
No description provided by the author
No description provided by the author
No description provided by the author
Reference a user in the cluster by name.
Checks if `x` is a construct.
Mounts an Amazon Web Services (AWS) EBS volume into your pod.
Mounts a Microsoft Azure Data Disk into a pod.
Populate the volume from a ConfigMap.
Populate the volume from a CSI driver, for example the Secrets Store CSI Driver: https://secrets-store-csi-driver.sigs.k8s.io/introduction.html.
An emptyDir volume is first created when a Pod is assigned to a Node, and exists as long as that Pod is running on that node.
Mounts a Google Compute Engine (GCE) persistent disk (PD) into your Pod.
Used to mount a file or directory from the host node's filesystem into a Pod.
Used to mount a PersistentVolume into a Pod.
Populate the volume from a Secret.
Checks if `x` is a construct.
Checks if `x` is a construct.
# Constants
None.
ReadOnly.
ReadWrite.
Single blob disk per storage account.
Azure managed data disk.
Multiple blob disks per storage account.
This policy allows to run job concurrently.
This policy does not allow to run job concurrently.
This policy replaces the currently running job if a new job is being scheduled.
Use HTTP request for connecting to host.
Use HTTPS request for connecting to host.
Any DNS query that does not match the configured cluster domain suffix, such as "www.kubernetes.io", is forwarded to the upstream nameserver inherited from the node.
For Pods running with hostNetwork, you should explicitly set its DNS policy "ClusterFirstWithHostNet".
The Pod inherits the name resolution configuration from the node that the pods run on.
It allows a Pod to ignore DNS settings from the Kubernetes environment.
The default volume of the backing node.
Mount a tmpfs (RAM-backed filesystem) for you instead.
The ipAddress of the node.
The name of the node.
The annotations of the pod.
The ipAddress of the pod.
The ipAddresess of the pod.
The labels of the pod.
The name of the pod.
The namespace of the pod.
The uid of the pod.
The service account name of the pod.
Always change permission and ownership of the volume when volume is mounted.
Only change permissions and ownership if permission and ownership of root directory does not match with expected permissions of the volume.
A block device must exist at the given path.
A character device must exist at the given path.
Empty string (default) is for backward compatibility, which means that no checks will be performed before mounting the hostPath volume.
A directory must exist at the given path.
If nothing exists at the given path, an empty directory will be created there as needed with permission set to 0755, having the same group and ownership with Kubelet.
A file must exist at the given path.
If nothing exists at the given path, an empty file will be created there as needed with permission set to 0644, having the same group and ownership with Kubelet.
A UNIX socket must exist at the given path.
Matches based on a URL path prefix split by '/'.
Matching is specified by the underlying IngressClass.
Matches the URL path exactly.
Every time the kubelet launches a container, the kubelet queries the container image registry to resolve the name to an image digest.
The image is pulled only if it is not already present locally.
The image is assumed to exist locally.
This volume mount behaves the same the HostToContainer mount.
This volume mount will receive all subsequent mounts that are mounted to this volume or any of its subdirectories.
This volume mount will not receive any subsequent mounts that are mounted to this volume or any of its subdirectories by the host.
The policy allows all traffic (either ingress or egress).
The policy denies all traffic.
SCTP.
TCP.
UDP.
The volume can be mounted as read-only by many nodes.
The volume can be mounted as read-write by many nodes.
The volume can be mounted as read-write by a single node.
The volume can be mounted as read-write by a single Pod.
Use a volume as a raw block device.
Volume is ounted into Pods into a directory.
For volume plugins that support the Delete reclaim policy, deletion removes both the PersistentVolume object from Kubernetes, as well as the associated storage asset in the external infrastructure, such as an AWS EBS, GCE PD, Azure Disk, or Cinder volume.
The Retain reclaim policy allows for manual reclamation of the resource.
Only creates network policies that select the peer.
Only creates network policies that select the pod.
No description provided by the author
No description provided by the author
SCTP.
TCP.
UDP.
CPU limit of the container.
CPU request of the container.
Memory limit of the container.
Memory request of the container.
Ephemeral storage limit of the container.
Ephemeral storage request of the container.
Always restart the pod after it exits.
Never restart the pod.
Only restart if the pod exits with a non-zero exit code.
Disables scaling in this direction.
Use the policy that provisions the most changes.
Use the policy that provisions the least amount of changes.
Exposes the Service on a cluster-internal IP.
Maps the Service to the contents of the externalName field (e.g.
Exposes the Service externally using a cloud provider's load balancer.
Exposes the Service on each Node's IP at a static port (the NodePort).
This affects pods that are already running on the node as follows:.
This means that no pod will be able to schedule onto the node unless it has a matching toleration.
This is a "preference" or "soft" version of `NO_SCHEDULE` -- the system will try to avoid placing a pod that does not tolerate the taint on the node, but it is not required.
# Structs
Properties for `AbstractPod`.
Options to add a deployment to a service.
Options for `configmap.addDirectory()`.
Options for `ApiResource`.
Properties for `AwsElasticBlockStorePersistentVolume`.
Options of `Volume.fromAwsElasticBlockStore`.
Properties for `AzureDiskPersistentVolume`.
Options of `Volume.fromAzureDisk`.
Options for `BasicAuthSecret`.
Properties for `ClusterRoleBinding`.
Policy rule of a `ClusterRole.
Properties for `ClusterRole`.
Options for `Probe.fromCommand()`.
Common properties for `Secret`.
Properties for initialization of `ConfigMap`.
Options for the ConfigMap-based volume.
Container lifecycle properties.
Optional properties of a container.
Represents a network port in a single container.
Properties for creating a container.
CPU and memory compute resources.
Properties for `ContainerSecurityContext`.
CPU request and limit.
Properties for `CronJob`.
Options for the CSI driver based volume.
Properties for `DaemonSet`.
Options for `Deployment.exposeViaService`.
Properties for `Deployment`.
Options for `DeploymentStrategy.rollingUpdate`.
Custom DNS option.
Options for `DockerConfigSecret`.
Options for volumes populated with an empty directory.
Options to specify an envionment variable value from a ConfigMap key.
Options to specify an environment variable value from a field reference.
Options to specify an environment variable value from the process environment.
Options to specify an environment variable value from a resource.
Options to specify an environment variable value from a Secret.
Emphemeral storage request and limit.
Options for exposing a deployment via an ingress.
Options for exposing a service using an ingress.
No description provided by the author
Properties for `GCEPersistentDiskPersistentVolume`.
Options of `Volume.fromGcePersistentDisk`.
Options for `Handler.fromHttpGet`.
Options for `Handler.fromTcpSocket`.
Properties for HorizontalPodAutoscaler.
HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the pod's /etc/hosts file.
Options for a HostPathVolume-based volume.
Options for `Probe.fromHttpGet()`.
Properties for `Ingress`.
Represents the rules mapping the paths under a specified host to the related backend services.
Represents the TLS configuration mapping that is passed to the ingress controller for SSL termination.
Properties for `Job`.
Options for `LabelSelector.of`.
A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
Memory request and limit.
Options for `Metric.containerResource()`.
Options for `Metric.object()`.
Base options for a Metric.
Options for mounts.
Properties for `Namespace`.
Configuration for selecting namespaces.
Options for `Namespaces.select`.
Options for `NetworkPolicy.addEgressRule`.
Configuration for network peers.
Properties for `NetworkPolicyPort`.
Properties for `NetworkPolicy`.
Describes a rule allowing traffic from / to pods matched by a network policy selector.
Describes how the network policy should configure egress / ingress traffic.
Options for `NodeTaintQuery`.
Maps a string key to a path within a volume.
Properties for `PersistentVolumeClaim`.
Options for a PersistentVolumeClaim-based volume.
Properties for `PersistentVolume`.
Options for `PodConnections.allowFrom`.
Options for `PodConnections.allowTo`.
Properties for `PodDns`.
Properties for `Pod`.
Options for `Pods.all`.
Options for `PodScheduling.attract`.
Options for `PodScheduling.colocate`.
Options for `PodScheduling.separate`.
Properties for `PodSecurityContext`.
Configuration for selecting pods, optionally in particular namespaces.
Options for `Pods.select`.
Probe options.
Initialization properties for resources.
Properties for `RoleBinding`.
Policy rule of a `Role.
Properties for `Role`.
No description provided by the author
Defines the scaling behavior for one direction.
Properties used to configure the target of an Autoscaler.
Options for `Secret`.
Represents a specific value in JSON secret.
Options for the Secret-based volume.
Properties for initialization of `ServiceAccount`.
Options for `ServiceAccountTokenSecret`.
Options for `Service.bind`.
Options for setting up backends for ingress rules.
Definition of a service port.
Properties for `Service`.
Options for `SshAuthSecret`.
Properties for initialization of `StatefulSet`.
Options for `StatefulSetUpdateStrategy.rollingUpdate`.
Subject contains a reference to the object or user identities a role binding applies to.
Sysctl defines a kernel parameter to be set.
Options for `Probe.fromTcpSocket()`.
Options for `TlsSecret`.
Mount a volume from the pod to the container.
Properties for `Workload`.
Options for `WorkloadScheduling.spread`.
# Interfaces
No description provided by the author
Represents information about an API resource type.
Represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod.
AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.
Create a secret for basic authentication.
ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.
A ClusterRoleBinding grants permissions cluster-wide to a user or set of users.
ConfigMap holds configuration data for pods to consume.
A single application container that you want to run within a pod.
Container security attributes and settings.
Represents the amount of CPU.
A CronJob is responsible for creating a Job and scheduling it based on provided cron schedule.
A DaemonSet ensures that all (or some) Nodes run a copy of a Pod.
A Deployment provides declarative updates for Pods and ReplicaSets.
Deployment strategies.
Create a secret for storing credentials for accessing a container image registry.
Container environment variables.
A collection of env variables defined in other resources.
Utility class for creating reading env values from various sources.
GCEPersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod.
Represents a group.
Defines a specific action that should be taken.
A HorizontalPodAutoscaler scales a workload up or down in response to a metric change.
An API Endpoint can either be a resource descriptor (e.g /pods) or a non resource url (e.g /healthz).
Represents a resource or collection of resources.
Represents a cluster-level role.
Represents a config map.
Represents an object that can select namespaces.
Describes a peer to allow traffic to/from.
Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend.
The backend for an ingress path.
Contract of a `PersistentVolumeClaim`.
Contract of a `PersistentVolumeClaim`.
Represents an object that can select pods.
Represents a resource.
A reference to any Role or ClusterRole.
Represents a scalable workload.
No description provided by the author
No description provided by the author
Represents a piece of storage in the cluster.
Represents an object that can be used as a role binding subject.
A Job creates one or more Pods and ensures that a specified number of them successfully terminate.
A node that is matched by label selectors.
Represents a query that can be performed against resources with labels.
Match a resource by labels.
A metric condition that HorizontalPodAutoscaler's scale on.
A metric condition that will trigger scaling behavior when satisfied.
A node that is matched by its name.
In Kubernetes, namespaces provides a mechanism for isolating groups of resources within a single cluster.
Represents a group of namespaces.
Control traffic flow at the IP address or port level (OSI layer 3 or 4), network policies are an application-centric construct which allow you to specify how a pod is allowed to communicate with various network peers.
Describes a particular CIDR (Ex.
Describes a port to allow traffic on.
Represents a node in the cluster.
Represents a query that can be performed against nodes with labels.
Taint queries that can be perfomed against nodes.
Factory for creating non api resources.
Union like class repsenting either a ration in percents or an absolute number.
A PersistentVolume (PV) is a piece of storage in the cluster that has been provisioned by an administrator or dynamically provisioned using Storage Classes.
A PersistentVolumeClaim (PVC) is a request for storage by a user.
Pod is a collection of containers that can run on a host.
Controls network isolation rules for inter-pod communication.
Holds dns settings of the pod.
Represents a group of pods.
Controls the pod scheduling strategy.
Holds pod-level security attributes and common container settings.
Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
The amount of replicas that will change.
Base class for all Kubernetes objects in stdk8s.
Controls permissions for operations on resources.
Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.
A RoleBinding grants permissions within a specific namespace to a user or set of users.
Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
An abstract way to expose an application running on a set of Pods as a network service.
A service account provides an identity for processes that run in a Pod.
Create a secret for a service account token.
Create a secret for ssh authentication.
StatefulSet is the workload API object used to manage stateful applications.
StatefulSet update strategies.
A node that is matched by taint selectors.
Create a secret for storing a TLS certificate and its associated key.
Available topology domains.
Represents a user.
Volume represents a named volume in a pod that may be accessed by any container in the pod.
A workload is an application running on Kubernetes.
Controls the pod scheduling strategy of this workload.
# Type aliases
Azure disk caching modes.
Azure Disk kinds.
Concurrency policy for CronJobs.
No description provided by the author
Pod DNS policies.
The medium on which to store the volume.
No description provided by the author
No description provided by the author
Host path types.
Specify how the path is matched against request paths.
No description provided by the author
No description provided by the author
Default behaviors of network traffic in policies.
Network protocols.
Access Modes.
Volume Modes.
Reclaim Policies.
Isolation determines which policies are created when allowing connections from a a pod / workload to peers.
Controls how pods are created during initial scale up, when replacing pods on nodes, or when scaling down.
Network protocols.
No description provided by the author
Restart policy for all containers within the pod.
No description provided by the author
For some parts of your application (for example, frontends) you may want to expose a Service onto an external IP address, that's outside of your cluster.
Taint effects.