--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 name: sgxdeviceplugins.deviceplugin.intel.com spec: group: deviceplugin.intel.com names: kind: SgxDevicePlugin listKind: SgxDevicePluginList plural: sgxdeviceplugins singular: sgxdeviceplugin scope: Cluster versions: - additionalPrinterColumns: - jsonPath: .status.desiredNumberScheduled name: Desired type: integer - jsonPath: .status.numberReady name: Ready type: integer - jsonPath: .spec.nodeSelector name: Node Selector type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1 schema: openAPIV3Schema: description: |- SgxDevicePlugin is the Schema for the sgxdeviceplugins API. It represents the SGX device plugin responsible for advertising SGX device nodes to the kubelet. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: SgxDevicePluginSpec defines the desired state of SgxDevicePlugin. properties: dcapInfraResources: description: DcapInfraResources flag enables two special resources for Intel DCAP infrastructure containers. type: boolean enclaveLimit: description: EnclaveLimit is a number of containers that can share the same SGX enclave device. minimum: 1 type: integer image: description: Image is a container image with SGX device plugin executable. type: string initImage: description: |- InitImage is a container image with tools (i.e., SGX NFD source hook) installed on each node. Recommendation is to leave this unset and prefer the SGX NodeFeatureRule instead. type: string logLevel: description: LogLevel sets the plugin's log level. minimum: 0 type: integer nodeSelector: additionalProperties: type: string description: NodeSelector provides a simple way to constrain device plugin pods to nodes with particular labels. type: object provisionLimit: description: ProvisionLimit is a number of containers that can share the same SGX provision device. minimum: 1 type: integer tolerations: description: Specialized nodes (e.g., with accelerators) can be Tainted to make sure unwanted pods are not scheduled on them. Tolerations can be set for the plugin pod to neutralize the Taint. items: description: |- The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: |- Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: |- Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: |- Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: |- TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: |- Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array type: object status: description: SgxDevicePluginStatus defines the observed state of SgxDevicePlugin. properties: controlledDaemonSet: description: ControlledDaemoSet references the DaemonSet controlled by the operator. properties: apiVersion: description: API version of the referent. type: string fieldPath: description: |- If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. type: string kind: description: |- Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: description: |- Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: description: |- Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: description: |- Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: description: |- UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object x-kubernetes-map-type: atomic desiredNumberScheduled: description: |- The total number of nodes that should be running the device plugin pod (including nodes correctly running the device plugin pod). format: int32 type: integer nodeNames: description: The list of Node names where the device plugin pods are running. items: type: string type: array numberReady: description: |- The number of nodes that should be running the device plugin pod and have one or more of the device plugin pod running and ready. format: int32 type: integer required: - desiredNumberScheduled - numberReady type: object type: object served: true storage: true subresources: status: {}