Schedule and quota APIs

Parameters can contain arbitrary data. It is the responsibility of the driver developer to handle validation and versioning. Typically this includes self-identification and a version ("kind" + "apiVersion" for Kubernetes types), with conversion between different versions.

The length of the raw data must be smaller or equal to 10 Ki.

4.1.5. .spec.selectors

Description: Each selector must be satisfied by a device which is claimed via this class.
Type: array

4.1.6. .spec.selectors[]

Description: DeviceSelector must have exactly one field set.
Type: object

Property	Type	Description
`cel`	`object`	CELDeviceSelector contains a CEL expression for selecting a device.

4.1.7. .spec.selectors[].cel

Description

CELDeviceSelector contains a CEL expression for selecting a device.

Type

object

Required

expression

Property Type Description

Property	Type	Description
`expression`	`string`	Expression is a CEL expression which evaluates a single device. It must evaluate to true when the device under consideration satisfies the desired criteria, and false when it does not. Any other result is an error and causes allocation of devices to abort. The expression’s input is an object named "device", which carries the following properties: - driver (string): the name of the driver which defines this device. - attributes (map[string]object): the device’s attributes, grouped by prefix (e.g. device.attributes["dra.example.com"] evaluates to an object with all of the attributes which were prefixed by "dra.example.com". - capacity (map[string]object): the device’s capacities, grouped by prefix. - allowMultipleAllocations (bool): the allowMultipleAllocations property of the device (v1.34+ with the DRAConsumableCapacity feature enabled). Example: Consider a device with driver="dra.example.com", which exposes two attributes named "model" and "ext.example.com/family" and which exposes one capacity named "modules". This input to this expression would have the following fields: device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules The device.driver field can be used to check for a specific driver, either as a high-level precondition (i.e. you only want to consider devices from this driver) or as part of a multi-clause expression that is meant to consider devices from different drivers. The value type of each attribute is defined by the device definition, and users who write these expressions must consult the documentation for their specific drivers. The value type of each capacity is Quantity. If an unknown prefix is used as a lookup in either device.attributes or device.capacity, an empty map will be returned. Any reference to an unknown field will cause an evaluation error and allocation to abort. A robust expression should check for the existence of attributes before referencing them. For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example: cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool) The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

expression

string

Expression is a CEL expression which evaluates a single device. It must evaluate to true when the device under consideration satisfies the desired criteria, and false when it does not. Any other result is an error and causes allocation of devices to abort.

The expression’s input is an object named "device", which carries the following properties: - driver (string): the name of the driver which defines this device. - attributes (map[string]object): the device’s attributes, grouped by prefix (e.g. device.attributes["dra.example.com"] evaluates to an object with all of the attributes which were prefixed by "dra.example.com". - capacity (map[string]object): the device’s capacities, grouped by prefix. - allowMultipleAllocations (bool): the allowMultipleAllocations property of the device (v1.34+ with the DRAConsumableCapacity feature enabled).

Example: Consider a device with driver="dra.example.com", which exposes two attributes named "model" and "ext.example.com/family" and which exposes one capacity named "modules". This input to this expression would have the following fields:

device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules

The device.driver field can be used to check for a specific driver, either as a high-level precondition (i.e. you only want to consider devices from this driver) or as part of a multi-clause expression that is meant to consider devices from different drivers.

The value type of each attribute is defined by the device definition, and users who write these expressions must consult the documentation for their specific drivers. The value type of each capacity is Quantity.

If an unknown prefix is used as a lookup in either device.attributes or device.capacity, an empty map will be returned. Any reference to an unknown field will cause an evaluation error and allocation to abort.

A robust expression should check for the existence of attributes before referencing them.

For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:

cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)

The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

4.2. API endpoints

The following API endpoints are available:

/apis/resource.k8s.io/v1/deviceclasses
- DELETE: delete collection of DeviceClass
- GET: list or watch objects of kind DeviceClass
- POST: create a DeviceClass
/apis/resource.k8s.io/v1/watch/deviceclasses
- GET: watch individual changes to a list of DeviceClass. deprecated: use the 'watch' parameter with a list operation instead.
/apis/resource.k8s.io/v1/deviceclasses/{name}
- DELETE: delete a DeviceClass
- GET: read the specified DeviceClass
- PATCH: partially update the specified DeviceClass
- PUT: replace the specified DeviceClass
/apis/resource.k8s.io/v1/watch/deviceclasses/{name}
- GET: watch changes to an object of kind DeviceClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

4.2.1. /apis/resource.k8s.io/v1/deviceclasses

HTTP method: DELETE
Description: delete collection of DeviceClass

Table 4.1. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 4.2. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind DeviceClass

Table 4.3. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClassList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a DeviceClass

Table 4.4. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.5. Body parameters

Parameter	Type	Description
`body`	`DeviceClass` schema

Table 4.6. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClass` schema
201 - Created	`DeviceClass` schema
202 - Accepted	`DeviceClass` schema
401 - Unauthorized	Empty

4.2.2. /apis/resource.k8s.io/v1/watch/deviceclasses

HTTP method: GET
Description: watch individual changes to a list of DeviceClass. deprecated: use the 'watch' parameter with a list operation instead.

Table 4.7. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

4.2.3. /apis/resource.k8s.io/v1/deviceclasses/{name}

Table 4.8. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the DeviceClass

HTTP method: DELETE
Description: delete a DeviceClass

Table 4.9. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 4.10. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClass` schema
202 - Accepted	`DeviceClass` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified DeviceClass

Table 4.11. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClass` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified DeviceClass

Table 4.12. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.13. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClass` schema
201 - Created	`DeviceClass` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified DeviceClass

Table 4.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 4.15. Body parameters

Parameter	Type	Description
`body`	`DeviceClass` schema

Table 4.16. HTTP responses

HTTP code	Reponse body
200 - OK	`DeviceClass` schema
201 - Created	`DeviceClass` schema
401 - Unauthorized	Empty

4.2.4. /apis/resource.k8s.io/v1/watch/deviceclasses/{name}

Table 4.17. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the DeviceClass

HTTP method: GET
Description: watch changes to an object of kind DeviceClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 4.18. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 5. FlowSchema [flowcontrol.apiserver.k8s.io/v1]

Description: FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of inbound API requests with similar attributes and is identified by a pair of strings: the name of the FlowSchema and a "flow distinguisher".
Type: object

5.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	`metadata` is the standard object’s metadata. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	FlowSchemaSpec describes how the FlowSchema’s specification looks like.
`status`	`object`	FlowSchemaStatus represents the current state of a FlowSchema.

5.1.1. .spec

Description

FlowSchemaSpec describes how the FlowSchema’s specification looks like.

Type

object

Required

priorityLevelConfiguration

Property	Type	Description
`distinguisherMethod`	`object`	FlowDistinguisherMethod specifies the method of a flow distinguisher.
`matchingPrecedence`	`integer`	`matchingPrecedence` is used to choose among the FlowSchemas that match a given request. The chosen FlowSchema is among those with the numerically lowest (which we take to be logically highest) MatchingPrecedence. Each MatchingPrecedence value must be ranged in [1,10000]. Note that if the precedence is not specified, it will be set to 1000 as default.
`priorityLevelConfiguration`	`object`	PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.
`rules`	`array`	`rules` describes which requests will match this flow schema. This FlowSchema matches a request if and only if at least one member of rules matches the request. if it is an empty slice, there will be no requests matching the FlowSchema.
`rules[]`	`object`	PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member of resourceRules or nonResourceRules matches the request.

5.1.2. .spec.distinguisherMethod

Description

FlowDistinguisherMethod specifies the method of a flow distinguisher.

Type

object

Required

type

Property	Type	Description
`type`	`string`	`type` is the type of flow distinguisher method The supported types are "ByUser" and "ByNamespace". Required.

5.1.3. .spec.priorityLevelConfiguration

Description

PriorityLevelConfigurationReference contains information that points to the "request-priority" being used.

Type

object

Required

name

Property	Type	Description
`name`	`string`	`name` is the name of the priority level configuration being referenced Required.

5.1.4. .spec.rules

Description: rules describes which requests will match this flow schema. This FlowSchema matches a request if and only if at least one member of rules matches the request. if it is an empty slice, there will be no requests matching the FlowSchema.
Type: array

5.1.5. .spec.rules[]

Description

PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test considers the subject making the request, the verb being requested, and the resource to be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least one member of subjects matches the request and (b) at least one member of resourceRules or nonResourceRules matches the request.

Type

object

Required

subjects

Property	Type	Description
`nonResourceRules`	`array`	`nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests according to their verb and the target non-resource URL.
`nonResourceRules[]`	`object`	NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.
`resourceRules`	`array`	`resourceRules` is a slice of ResourcePolicyRules that identify matching requests according to their verb and the target resource. At least one of `resourceRules` and `nonResourceRules` has to be non-empty.
`resourceRules[]`	`object`	ResourcePolicyRule is a predicate that matches some resource requests, testing the request’s verb and the target resource. A ResourcePolicyRule matches a resource request if and only if: (a) at least one member of verbs matches the request, (b) at least one member of apiGroups matches the request, (c) at least one member of resources matches the request, and (d) either (d1) the request does not specify a namespace (i.e., `Namespace==""`) and clusterScope is true or (d2) the request specifies a namespace and least one member of namespaces matches the request’s namespace.
`subjects`	`array`	subjects is the list of normal user, serviceaccount, or group that this rule cares about. There must be at least one member in this slice. A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request. Required.
`subjects[]`	`object`	Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account.

5.1.6. .spec.rules[].nonResourceRules

Description: nonResourceRules is a list of NonResourcePolicyRules that identify matching requests according to their verb and the target non-resource URL.
Type: array

5.1.7. .spec.rules[].nonResourceRules[]

Description

NonResourcePolicyRule is a predicate that matches non-resource requests according to their verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only if both (a) at least one member of verbs matches the request and (b) at least one member of nonResourceURLs matches the request.

Type

object

Required

verbs
nonResourceURLs

Property	Type	Description
`nonResourceURLs`	`array (string)`	`nonResourceURLs` is a set of url prefixes that a user should have access to and may not be empty. For example: - "/healthz" is legal - "/hea" is illegal - "/hea" is legal but matches nothing - "/hea/" also matches nothing - "/healthz/" matches all per-component health checks. "" matches all non-resource urls. if it is present, it must be the only entry. Required.
`verbs`	`array (string)`	`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it is present, it must be the only entry. Required.

5.1.8. .spec.rules[].resourceRules

Description: resourceRules is a slice of ResourcePolicyRules that identify matching requests according to their verb and the target resource. At least one of resourceRules and nonResourceRules has to be non-empty.
Type: array

5.1.9. .spec.rules[].resourceRules[]

Description

ResourcePolicyRule is a predicate that matches some resource requests, testing the request’s verb and the target resource. A ResourcePolicyRule matches a resource request if and only if: (a) at least one member of verbs matches the request, (b) at least one member of apiGroups matches the request, (c) at least one member of resources matches the request, and (d) either (d1) the request does not specify a namespace (i.e., Namespace=="") and clusterScope is true or (d2) the request specifies a namespace and least one member of namespaces matches the request’s namespace.

Type

object

Required

verbs
apiGroups
resources

Property	Type	Description
`apiGroups`	`array (string)`	`apiGroups` is a list of matching API groups and may not be empty. "*" matches all API groups and, if present, must be the only entry. Required.
`clusterScope`	`boolean`	`clusterScope` indicates whether to match requests that do not specify a namespace (which happens either because the resource is not namespaced or the request targets all namespaces). If this field is omitted or false then the `namespaces` field must contain a non-empty list.
`namespaces`	`array (string)`	`namespaces` is a list of target namespaces that restricts matches. A request that specifies a target namespace matches only if either (a) this list contains that target namespace or (b) this list contains "". Note that "" matches any specified namespace but does not match a request that does not specify a namespace (see the `clusterScope` field for that). This list may be empty, but only if `clusterScope` is true.
`resources`	`array (string)`	`resources` is a list of matching resources (i.e., lowercase and plural) with, if desired, subresource. For example, [ "services", "nodes/status" ]. This list may not be empty. "*" matches all resources and, if present, must be the only entry. Required.
`verbs`	`array (string)`	`verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if present, must be the only entry. Required.

5.1.10. .spec.rules[].subjects

Description: subjects is the list of normal user, serviceaccount, or group that this rule cares about. There must be at least one member in this slice. A slice that includes both the system:authenticated and system:unauthenticated user groups matches every request. Required.
Type: array

5.1.11. .spec.rules[].subjects[]

Description

Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account.

Type

object

Required

kind

Property	Type	Description
`group`	`object`	GroupSubject holds detailed information for group-kind subject.
`kind`	`string`	`kind` indicates which one of the other fields is non-empty. Required
`serviceAccount`	`object`	ServiceAccountSubject holds detailed information for service-account-kind subject.
`user`	`object`	UserSubject holds detailed information for user-kind subject.

5.1.12. .spec.rules[].subjects[].group

Description

GroupSubject holds detailed information for group-kind subject.

Type

object

Required

name

Property	Type	Description
`name`	`string`	name is the user group that matches, or "*" to match all user groups. See Content from github.com is not included.https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for some well-known group names. Required.

5.1.13. .spec.rules[].subjects[].serviceAccount

Description

ServiceAccountSubject holds detailed information for service-account-kind subject.

Type

object

Required

namespace
name

Property	Type	Description
`name`	`string`	`name` is the name of matching ServiceAccount objects, or "*" to match regardless of name. Required.
`namespace`	`string`	`namespace` is the namespace of matching ServiceAccount objects. Required.

5.1.14. .spec.rules[].subjects[].user

Description

UserSubject holds detailed information for user-kind subject.

Type

object

Required

name

Property	Type	Description
`name`	`string`	`name` is the username that matches, or "*" to match all usernames. Required.

5.1.15. .status

Description: FlowSchemaStatus represents the current state of a FlowSchema.
Type: object

Property	Type	Description
`conditions`	`array`	`conditions` is a list of the current states of FlowSchema.
`conditions[]`	`object`	FlowSchemaCondition describes conditions for a FlowSchema.

5.1.16. .status.conditions

Description: conditions is a list of the current states of FlowSchema.
Type: array

5.1.17. .status.conditions[]

Description: FlowSchemaCondition describes conditions for a FlowSchema.
Type: object

Property	Type	Description
`lastTransitionTime`	`Time`	`lastTransitionTime` is the last time the condition transitioned from one status to another.
`message`	`string`	`message` is a human-readable message indicating details about last transition.
`reason`	`string`	`reason` is a unique, one-word, CamelCase reason for the condition’s last transition.
`status`	`string`	`status` is the status of the condition. Can be True, False, Unknown. Required.
`type`	`string`	`type` is the type of the condition. Required.

5.2. API endpoints

The following API endpoints are available:

/apis/flowcontrol.apiserver.k8s.io/v1/flowschemas
- DELETE: delete collection of FlowSchema
- GET: list or watch objects of kind FlowSchema
- POST: create a FlowSchema
/apis/flowcontrol.apiserver.k8s.io/v1/watch/flowschemas
- GET: watch individual changes to a list of FlowSchema. deprecated: use the 'watch' parameter with a list operation instead.
/apis/flowcontrol.apiserver.k8s.io/v1/flowschemas/{name}
- DELETE: delete a FlowSchema
- GET: read the specified FlowSchema
- PATCH: partially update the specified FlowSchema
- PUT: replace the specified FlowSchema
/apis/flowcontrol.apiserver.k8s.io/v1/watch/flowschemas/{name}
- GET: watch changes to an object of kind FlowSchema. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/flowcontrol.apiserver.k8s.io/v1/flowschemas/{name}/status
- GET: read status of the specified FlowSchema
- PATCH: partially update status of the specified FlowSchema
- PUT: replace status of the specified FlowSchema

5.2.1. /apis/flowcontrol.apiserver.k8s.io/v1/flowschemas

HTTP method: DELETE
Description: delete collection of FlowSchema

Table 5.1. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 5.2. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind FlowSchema

Table 5.3. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchemaList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a FlowSchema

Table 5.4. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.5. Body parameters

Parameter	Type	Description
`body`	`FlowSchema` schema

Table 5.6. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
201 - Created	`FlowSchema` schema
202 - Accepted	`FlowSchema` schema
401 - Unauthorized	Empty

5.2.2. /apis/flowcontrol.apiserver.k8s.io/v1/watch/flowschemas

HTTP method: GET
Description: watch individual changes to a list of FlowSchema. deprecated: use the 'watch' parameter with a list operation instead.

Table 5.7. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

5.2.3. /apis/flowcontrol.apiserver.k8s.io/v1/flowschemas/{name}

Table 5.8. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the FlowSchema

HTTP method: DELETE
Description: delete a FlowSchema

Table 5.9. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 5.10. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified FlowSchema

Table 5.11. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified FlowSchema

Table 5.12. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.13. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
201 - Created	`FlowSchema` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified FlowSchema

Table 5.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.15. Body parameters

Parameter	Type	Description
`body`	`FlowSchema` schema

Table 5.16. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
201 - Created	`FlowSchema` schema
401 - Unauthorized	Empty

5.2.4. /apis/flowcontrol.apiserver.k8s.io/v1/watch/flowschemas/{name}

Table 5.17. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the FlowSchema

HTTP method: GET
Description: watch changes to an object of kind FlowSchema. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 5.18. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

5.2.5. /apis/flowcontrol.apiserver.k8s.io/v1/flowschemas/{name}/status

Table 5.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the FlowSchema

HTTP method: GET
Description: read status of the specified FlowSchema

Table 5.20. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified FlowSchema

Table 5.21. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.22. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
201 - Created	`FlowSchema` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified FlowSchema

Table 5.23. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 5.24. Body parameters

Parameter	Type	Description
`body`	`FlowSchema` schema

Table 5.25. HTTP responses

HTTP code	Reponse body
200 - OK	`FlowSchema` schema
201 - Created	`FlowSchema` schema
401 - Unauthorized	Empty

Chapter 6. LimitRange [v1]

Description: LimitRange sets resource usage limits for each kind of resource in a Namespace.
Type: object

6.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	LimitRangeSpec defines a min/max usage limit for resources that match on kind.

6.1.1. .spec

Description

LimitRangeSpec defines a min/max usage limit for resources that match on kind.

Type

object

Required

limits

Property	Type	Description
`limits`	`array`	Limits is the list of LimitRangeItem objects that are enforced.
`limits[]`	`object`	LimitRangeItem defines a min/max usage limit for any resource that matches on kind.

6.1.2. .spec.limits

Description: Limits is the list of LimitRangeItem objects that are enforced.
Type: array

6.1.3. .spec.limits[]

Description

LimitRangeItem defines a min/max usage limit for any resource that matches on kind.

Type

object

Required

type

Property	Type	Description
`default`	`object (Quantity)`	Default resource requirement limit value by resource name if resource limit is omitted.
`defaultRequest`	`object (Quantity)`	DefaultRequest is the default resource requirement request value by resource name if resource request is omitted.
`max`	`object (Quantity)`	Max usage constraints on this kind by resource name.
`maxLimitRequestRatio`	`object (Quantity)`	MaxLimitRequestRatio if specified, the named resource must have a request and limit that are both non-zero where limit divided by request is less than or equal to the enumerated value; this represents the max burst for the named resource.
`min`	`object (Quantity)`	Min usage constraints on this kind by resource name.
`type`	`string`	Type of resource that this limit applies to.

6.2. API endpoints

The following API endpoints are available:

/api/v1/limitranges
- GET: list or watch objects of kind LimitRange
/api/v1/watch/limitranges
- GET: watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/limitranges
- DELETE: delete collection of LimitRange
- GET: list or watch objects of kind LimitRange
- POST: create a LimitRange
/api/v1/watch/namespaces/{namespace}/limitranges
- GET: watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/limitranges/{name}
- DELETE: delete a LimitRange
- GET: read the specified LimitRange
- PATCH: partially update the specified LimitRange
- PUT: replace the specified LimitRange
/api/v1/watch/namespaces/{namespace}/limitranges/{name}
- GET: watch changes to an object of kind LimitRange. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

6.2.1. /api/v1/limitranges

HTTP method: GET
Description: list or watch objects of kind LimitRange

Table 6.1. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRangeList` schema
401 - Unauthorized	Empty

6.2.2. /api/v1/watch/limitranges

HTTP method: GET
Description: watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.

Table 6.2. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

6.2.3. /api/v1/namespaces/{namespace}/limitranges

HTTP method: DELETE
Description: delete collection of LimitRange

Table 6.3. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 6.4. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind LimitRange

Table 6.5. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRangeList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a LimitRange

Table 6.6. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 6.7. Body parameters

Parameter	Type	Description
`body`	`LimitRange` schema

Table 6.8. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRange` schema
201 - Created	`LimitRange` schema
202 - Accepted	`LimitRange` schema
401 - Unauthorized	Empty

6.2.4. /api/v1/watch/namespaces/{namespace}/limitranges

HTTP method: GET
Description: watch individual changes to a list of LimitRange. deprecated: use the 'watch' parameter with a list operation instead.

Table 6.9. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

6.2.5. /api/v1/namespaces/{namespace}/limitranges/{name}

Table 6.10. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the LimitRange

HTTP method: DELETE
Description: delete a LimitRange

Table 6.11. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 6.12. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified LimitRange

Table 6.13. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRange` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified LimitRange

Table 6.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 6.15. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRange` schema
201 - Created	`LimitRange` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified LimitRange

Table 6.16. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 6.17. Body parameters

Parameter	Type	Description
`body`	`LimitRange` schema

Table 6.18. HTTP responses

HTTP code	Reponse body
200 - OK	`LimitRange` schema
201 - Created	`LimitRange` schema
401 - Unauthorized	Empty

6.2.6. /api/v1/watch/namespaces/{namespace}/limitranges/{name}

Table 6.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the LimitRange

HTTP method: GET
Description: watch changes to an object of kind LimitRange. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 6.20. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 7. PriorityClass [scheduling.k8s.io/v1]

Description

PriorityClass defines mapping from a priority class name to the priority integer value. The value can be any valid integer.

Type

object

Required

value

7.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`description`	`string`	description is an arbitrary string that usually provides guidelines on when this priority class should be used.
`globalDefault`	`boolean`	globalDefault specifies whether this PriorityClass should be considered as the default priority for pods that do not have any priority class. Only one PriorityClass can be marked as `globalDefault`. However, if more than one PriorityClasses exists with their `globalDefault` field set to true, the smallest value of such global default PriorityClasses will be used as the default priority.
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`preemptionPolicy`	`string`	preemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset. Possible enum values: - `"Never"` means that pod never preempts other pods with lower priority. - `"PreemptLowerPriority"` means that pod can preempt other pods with lower priority.
`value`	`integer`	value represents the integer value of this priority class. This is the actual priority that pods receive when they have the name of this class in their pod spec.

7.2. API endpoints

The following API endpoints are available:

/apis/scheduling.k8s.io/v1/priorityclasses
- DELETE: delete collection of PriorityClass
- GET: list or watch objects of kind PriorityClass
- POST: create a PriorityClass
/apis/scheduling.k8s.io/v1/watch/priorityclasses
- GET: watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.
/apis/scheduling.k8s.io/v1/priorityclasses/{name}
- DELETE: delete a PriorityClass
- GET: read the specified PriorityClass
- PATCH: partially update the specified PriorityClass
- PUT: replace the specified PriorityClass
/apis/scheduling.k8s.io/v1/watch/priorityclasses/{name}
- GET: watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

7.2.1. /apis/scheduling.k8s.io/v1/priorityclasses

HTTP method: DELETE
Description: delete collection of PriorityClass

Table 7.1. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 7.2. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind PriorityClass

Table 7.3. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityClassList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a PriorityClass

Table 7.4. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 7.5. Body parameters

Parameter	Type	Description
`body`	`PriorityClass` schema

Table 7.6. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityClass` schema
201 - Created	`PriorityClass` schema
202 - Accepted	`PriorityClass` schema
401 - Unauthorized	Empty

7.2.2. /apis/scheduling.k8s.io/v1/watch/priorityclasses

HTTP method: GET
Description: watch individual changes to a list of PriorityClass. deprecated: use the 'watch' parameter with a list operation instead.

Table 7.7. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

7.2.3. /apis/scheduling.k8s.io/v1/priorityclasses/{name}

Table 7.8. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the PriorityClass

HTTP method: DELETE
Description: delete a PriorityClass

Table 7.9. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 7.10. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified PriorityClass

Table 7.11. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityClass` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified PriorityClass

Table 7.12. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 7.13. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityClass` schema
201 - Created	`PriorityClass` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified PriorityClass

Table 7.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 7.15. Body parameters

Parameter	Type	Description
`body`	`PriorityClass` schema

Table 7.16. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityClass` schema
201 - Created	`PriorityClass` schema
401 - Unauthorized	Empty

7.2.4. /apis/scheduling.k8s.io/v1/watch/priorityclasses/{name}

Table 7.17. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the PriorityClass

HTTP method: GET
Description: watch changes to an object of kind PriorityClass. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 7.18. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 8. PriorityLevelConfiguration [flowcontrol.apiserver.k8s.io/v1]

Description: PriorityLevelConfiguration represents the configuration of a priority level.
Type: object

8.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	`metadata` is the standard object’s metadata. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	PriorityLevelConfigurationSpec specifies the configuration of a priority level.
`status`	`object`	PriorityLevelConfigurationStatus represents the current state of a "request-priority".

8.1.1. .spec

Description

PriorityLevelConfigurationSpec specifies the configuration of a priority level.

Type

object

Required

type

Property	Type	Description
`exempt`	`object`	ExemptPriorityLevelConfiguration describes the configurable aspects of the handling of exempt requests. In the mandatory exempt configuration object the values in the fields here can be modified by authorized users, unlike the rest of the `spec`.
`limited`	`object`	LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits. It addresses two issues: - How are requests for this priority level limited? - What should be done with requests that exceed the limit?
`type`	`string`	`type` indicates whether this priority level is subject to limitation on request execution. A value of `"Exempt"` means that requests of this priority level are not subject to a limit (and thus are never queued) and do not detract from the capacity made available to other priority levels. A value of `"Limited"` means that (a) requests of this priority level are subject to limits and (b) some of the server’s limited capacity is made available exclusively to this priority level. Required.

8.1.2. .spec.exempt

Description: ExemptPriorityLevelConfiguration describes the configurable aspects of the handling of exempt requests. In the mandatory exempt configuration object the values in the fields here can be modified by authorized users, unlike the rest of the spec.
Type: object

Property Type Description

lendablePercent

integer

lendablePercent prescribes the fraction of the level’s NominalCL that can be borrowed by other priority levels. This value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level’s LendableConcurrencyLimit (LendableCL), is defined as follows.

LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )

nominalConcurrencyShares

integer

nominalConcurrencyShares (NCS) contributes to the computation of the NominalConcurrencyLimit (NominalCL) of this level. This is the number of execution seats nominally reserved for this priority level. This DOES NOT limit the dispatching from this priority level but affects the other priority levels through the borrowing mechanism. The server’s concurrency limit (ServerCL) is divided among all the priority levels in proportion to their NCS values:

NominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[priority level k] NCS(k)

Bigger numbers mean a larger nominal concurrency limit, at the expense of every other priority level. This field has a default value of zero.

8.1.3. .spec.limited

Description: LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to limits. It addresses two issues: - How are requests for this priority level limited? - What should be done with requests that exceed the limit?
Type: object

Property	Type	Description
`borrowingLimitPercent`	`integer`	`borrowingLimitPercent`, if present, configures a limit on how many seats this priority level can borrow from other priority levels. The limit is known as this level’s BorrowingConcurrencyLimit (BorrowingCL) and is a limit on the total number of seats that this level may borrow at any one time. This field holds the ratio of that limit to the level’s nominal concurrency limit. When this field is non-nil, it must hold a non-negative integer and the limit is calculated as follows. BorrowingCL(i) = round( NominalCL(i) * borrowingLimitPercent(i)/100.0 ) The value of this field can be more than 100, implying that this priority level can borrow a number of seats that is greater than its own nominal concurrency limit (NominalCL). When this field is left `nil`, the limit is effectively infinite.
`lendablePercent`	`integer`	`lendablePercent` prescribes the fraction of the level’s NominalCL that can be borrowed by other priority levels. The value of this field must be between 0 and 100, inclusive, and it defaults to 0. The number of seats that other levels can borrow from this level, known as this level’s LendableConcurrencyLimit (LendableCL), is defined as follows. LendableCL(i) = round( NominalCL(i) * lendablePercent(i)/100.0 )
`limitResponse`	`object`	LimitResponse defines how to handle requests that can not be executed right now.
`nominalConcurrencyShares`	`integer`	`nominalConcurrencyShares` (NCS) contributes to the computation of the NominalConcurrencyLimit (NominalCL) of this level. This is the number of execution seats available at this priority level. This is used both for requests dispatched from this priority level as well as requests dispatched from other priority levels borrowing seats from this level. The server’s concurrency limit (ServerCL) is divided among the Limited priority levels in proportion to their NCS values: NominalCL(i) = ceil( ServerCL * NCS(i) / sum_ncs ) sum_ncs = sum[priority level k] NCS(k) Bigger numbers mean a larger nominal concurrency limit, at the expense of every other priority level. If not specified, this field defaults to a value of 30. Setting this field to zero supports the construction of a "jail" for this priority level that is used to hold some request(s)

8.1.4. .spec.limited.limitResponse

Description

LimitResponse defines how to handle requests that can not be executed right now.

Type

object

Required

type

Property	Type	Description
`queuing`	`object`	QueuingConfiguration holds the configuration parameters for queuing
`type`	`string`	`type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon arrival are held in a queue until they can be executed or a queuing limit is reached. "Reject" means that requests that can not be executed upon arrival are rejected. Required.

8.1.5. .spec.limited.limitResponse.queuing

Description: QueuingConfiguration holds the configuration parameters for queuing
Type: object

Property	Type	Description
`handSize`	`integer`	`handSize` is a small positive number that configures the shuffle sharding of requests into queues. When enqueuing a request at this priority level the request’s flow identifier (a string pair) is hashed and the hash value is used to shuffle the list of queues and deal a hand of the size specified here. The request is put into one of the shortest queues in that hand. `handSize` must be no larger than `queues`, and should be significantly smaller (so that a few heavy flows do not saturate most of the queues). See the user-facing documentation for more extensive guidance on setting this field. This field has a default value of 8.
`queueLengthLimit`	`integer`	`queueLengthLimit` is the maximum number of requests allowed to be waiting in a given queue of this priority level at a time; excess requests are rejected. This value must be positive. If not specified, it will be defaulted to 50.
`queues`	`integer`	`queues` is the number of queues for this priority level. The queues exist independently at each apiserver. The value must be positive. Setting it to 1 effectively precludes shufflesharding and thus makes the distinguisher method of associated flow schemas irrelevant. This field has a default value of 64.

8.1.6. .status

Description: PriorityLevelConfigurationStatus represents the current state of a "request-priority".
Type: object

Property	Type	Description
`conditions`	`array`	`conditions` is the current state of "request-priority".
`conditions[]`	`object`	PriorityLevelConfigurationCondition defines the condition of priority level.

8.1.7. .status.conditions

Description: conditions is the current state of "request-priority".
Type: array

8.1.8. .status.conditions[]

Description: PriorityLevelConfigurationCondition defines the condition of priority level.
Type: object

Property	Type	Description
`lastTransitionTime`	`Time`	`lastTransitionTime` is the last time the condition transitioned from one status to another.
`message`	`string`	`message` is a human-readable message indicating details about last transition.
`reason`	`string`	`reason` is a unique, one-word, CamelCase reason for the condition’s last transition.
`status`	`string`	`status` is the status of the condition. Can be True, False, Unknown. Required.
`type`	`string`	`type` is the type of the condition. Required.

8.2. API endpoints

The following API endpoints are available:

/apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations
- DELETE: delete collection of PriorityLevelConfiguration
- GET: list or watch objects of kind PriorityLevelConfiguration
- POST: create a PriorityLevelConfiguration
/apis/flowcontrol.apiserver.k8s.io/v1/watch/prioritylevelconfigurations
- GET: watch individual changes to a list of PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead.
/apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations/{name}
- DELETE: delete a PriorityLevelConfiguration
- GET: read the specified PriorityLevelConfiguration
- PATCH: partially update the specified PriorityLevelConfiguration
- PUT: replace the specified PriorityLevelConfiguration
/apis/flowcontrol.apiserver.k8s.io/v1/watch/prioritylevelconfigurations/{name}
- GET: watch changes to an object of kind PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations/{name}/status
- GET: read status of the specified PriorityLevelConfiguration
- PATCH: partially update status of the specified PriorityLevelConfiguration
- PUT: replace status of the specified PriorityLevelConfiguration

8.2.1. /apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations

HTTP method: DELETE
Description: delete collection of PriorityLevelConfiguration

Table 8.1. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 8.2. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind PriorityLevelConfiguration

Table 8.3. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfigurationList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a PriorityLevelConfiguration

Table 8.4. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.5. Body parameters

Parameter	Type	Description
`body`	`PriorityLevelConfiguration` schema

Table 8.6. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
201 - Created	`PriorityLevelConfiguration` schema
202 - Accepted	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

8.2.2. /apis/flowcontrol.apiserver.k8s.io/v1/watch/prioritylevelconfigurations

HTTP method: GET
Description: watch individual changes to a list of PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead.

Table 8.7. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

8.2.3. /apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations/{name}

Table 8.8. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the PriorityLevelConfiguration

HTTP method: DELETE
Description: delete a PriorityLevelConfiguration

Table 8.9. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 8.10. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
202 - Accepted	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified PriorityLevelConfiguration

Table 8.11. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified PriorityLevelConfiguration

Table 8.12. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.13. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
201 - Created	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified PriorityLevelConfiguration

Table 8.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.15. Body parameters

Parameter	Type	Description
`body`	`PriorityLevelConfiguration` schema

Table 8.16. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
201 - Created	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

8.2.4. /apis/flowcontrol.apiserver.k8s.io/v1/watch/prioritylevelconfigurations/{name}

Table 8.17. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the PriorityLevelConfiguration

HTTP method: GET
Description: watch changes to an object of kind PriorityLevelConfiguration. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 8.18. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

8.2.5. /apis/flowcontrol.apiserver.k8s.io/v1/prioritylevelconfigurations/{name}/status

Table 8.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the PriorityLevelConfiguration

HTTP method: GET
Description: read status of the specified PriorityLevelConfiguration

Table 8.20. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified PriorityLevelConfiguration

Table 8.21. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.22. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
201 - Created	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified PriorityLevelConfiguration

Table 8.23. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 8.24. Body parameters

Parameter	Type	Description
`body`	`PriorityLevelConfiguration` schema

Table 8.25. HTTP responses

HTTP code	Reponse body
200 - OK	`PriorityLevelConfiguration` schema
201 - Created	`PriorityLevelConfiguration` schema
401 - Unauthorized	Empty

Chapter 9. ResourceQuota [v1]

Description: ResourceQuota sets aggregate quota restrictions enforced per namespace
Type: object

9.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object’s metadata. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
`spec`	`object`	ResourceQuotaSpec defines the desired hard limits to enforce for Quota.
`status`	`object`	ResourceQuotaStatus defines the enforced hard limits and observed use.

9.1.1. .spec

Description: ResourceQuotaSpec defines the desired hard limits to enforce for Quota.
Type: object

Property	Type	Description
`hard`	`object (Quantity)`	hard is the set of desired hard limits for each named resource. More info: Content from kubernetes.io is not included.https://kubernetes.io/docs/concepts/policy/resource-quotas/
`scopeSelector`	`object`	A scope selector represents the AND of the selectors represented by the scoped-resource selector requirements.
`scopes`	`array (string)`	A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all objects.

9.1.2. .spec.scopeSelector

Description: A scope selector represents the AND of the selectors represented by the scoped-resource selector requirements.
Type: object

Property	Type	Description
`matchExpressions`	`array`	A list of scope selector requirements by scope of the resources.
`matchExpressions[]`	`object`	A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.

9.1.3. .spec.scopeSelector.matchExpressions

Description: A list of scope selector requirements by scope of the resources.
Type: array

9.1.4. .spec.scopeSelector.matchExpressions[]

Description

A scoped-resource selector requirement is a selector that contains values, a scope name, and an operator that relates the scope name and values.

Type

object

Required

scopeName
operator

Property Type Description

operator

string

Represents a scope’s relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist.

Possible enum values: - "DoesNotExist" - "Exists" - "In" - "NotIn"

scopeName

string

The name of the scope that the selector applies to.

Possible enum values: - "BestEffort" Match all pod objects that have best effort quality of service - "CrossNamespacePodAffinity" Match all pod objects that have cross-namespace pod (anti)affinity mentioned. - "NotBestEffort" Match all pod objects that do not have best effort quality of service - "NotTerminating" Match all pod objects where spec.activeDeadlineSeconds is nil - "PriorityClass" Match all pod objects that have priority class mentioned - "Terminating" Match all pod objects where spec.activeDeadlineSeconds >=0 - "VolumeAttributesClass" Match all pvc objects that have volume attributes class mentioned.

values

array (string)

An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

9.1.5. .status

Description: ResourceQuotaStatus defines the enforced hard limits and observed use.
Type: object

Property	Type	Description
`hard`	`object (Quantity)`	Hard is the set of enforced hard limits for each named resource. More info: Content from kubernetes.io is not included.https://kubernetes.io/docs/concepts/policy/resource-quotas/
`used`	`object (Quantity)`	Used is the current observed total usage of the resource in the namespace.

9.2. API endpoints

The following API endpoints are available:

/api/v1/resourcequotas
- GET: list or watch objects of kind ResourceQuota
/api/v1/watch/resourcequotas
- GET: watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/resourcequotas
- DELETE: delete collection of ResourceQuota
- GET: list or watch objects of kind ResourceQuota
- POST: create a ResourceQuota
/api/v1/watch/namespaces/{namespace}/resourcequotas
- GET: watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.
/api/v1/namespaces/{namespace}/resourcequotas/{name}
- DELETE: delete a ResourceQuota
- GET: read the specified ResourceQuota
- PATCH: partially update the specified ResourceQuota
- PUT: replace the specified ResourceQuota
/api/v1/watch/namespaces/{namespace}/resourcequotas/{name}
- GET: watch changes to an object of kind ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/api/v1/namespaces/{namespace}/resourcequotas/{name}/status
- GET: read status of the specified ResourceQuota
- PATCH: partially update status of the specified ResourceQuota
- PUT: replace status of the specified ResourceQuota

9.2.1. /api/v1/resourcequotas

HTTP method: GET
Description: list or watch objects of kind ResourceQuota

Table 9.1. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuotaList` schema
401 - Unauthorized	Empty

9.2.2. /api/v1/watch/resourcequotas

HTTP method: GET
Description: watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.

Table 9.2. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.3. /api/v1/namespaces/{namespace}/resourcequotas

HTTP method: DELETE
Description: delete collection of ResourceQuota

Table 9.3. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 9.4. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind ResourceQuota

Table 9.5. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuotaList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a ResourceQuota

Table 9.6. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.7. Body parameters

Parameter	Type	Description
`body`	`ResourceQuota` schema

Table 9.8. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
201 - Created	`ResourceQuota` schema
202 - Accepted	`ResourceQuota` schema
401 - Unauthorized	Empty

9.2.4. /api/v1/watch/namespaces/{namespace}/resourcequotas

HTTP method: GET
Description: watch individual changes to a list of ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead.

Table 9.9. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.5. /api/v1/namespaces/{namespace}/resourcequotas/{name}

Table 9.10. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceQuota

HTTP method: DELETE
Description: delete a ResourceQuota

Table 9.11. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 9.12. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
202 - Accepted	`ResourceQuota` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified ResourceQuota

Table 9.13. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified ResourceQuota

Table 9.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.15. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
201 - Created	`ResourceQuota` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified ResourceQuota

Table 9.16. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.17. Body parameters

Parameter	Type	Description
`body`	`ResourceQuota` schema

Table 9.18. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
201 - Created	`ResourceQuota` schema
401 - Unauthorized	Empty

9.2.6. /api/v1/watch/namespaces/{namespace}/resourcequotas/{name}

Table 9.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceQuota

HTTP method: GET
Description: watch changes to an object of kind ResourceQuota. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 9.20. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

9.2.7. /api/v1/namespaces/{namespace}/resourcequotas/{name}/status

Table 9.21. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceQuota

HTTP method: GET
Description: read status of the specified ResourceQuota

Table 9.22. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified ResourceQuota

Table 9.23. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.24. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
201 - Created	`ResourceQuota` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified ResourceQuota

Table 9.25. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 9.26. Body parameters

Parameter	Type	Description
`body`	`ResourceQuota` schema

Table 9.27. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceQuota` schema
201 - Created	`ResourceQuota` schema
401 - Unauthorized	Empty

Chapter 10. ResourceClaim [resource.k8s.io/v1]

Description

This is an alpha type and requires enabling the DynamicResourceAllocation feature gate.

Type

object

Required

spec

10.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object metadata
`spec`	`object`	ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.
`status`	`object`	ResourceClaimStatus tracks whether the resource has been allocated and what the result of that was.

10.1.1. .spec

Description: ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.
Type: object

Property	Type	Description
`devices`	`object`	DeviceClaim defines how to request devices with a ResourceClaim.

10.1.2. .spec.devices

Description: DeviceClaim defines how to request devices with a ResourceClaim.
Type: object

Property	Type	Description
`config`	`array`	This field holds configuration for multiple potential drivers which could satisfy requests in this claim. It is ignored while allocating the claim.
`config[]`	`object`	DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
`constraints`	`array`	These constraints must be satisfied by the set of devices that get allocated for the claim.
`constraints[]`	`object`	DeviceConstraint must have exactly one field set besides Requests.
`requests`	`array`	Requests represent individual requests for distinct devices which must all be satisfied. If empty, nothing needs to be allocated.
`requests[]`	`object`	DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices. With FirstAvailable it is also possible to provide a prioritized list of requests.

10.1.3. .spec.devices.config

Description: This field holds configuration for multiple potential drivers which could satisfy requests in this claim. It is ignored while allocating the claim.
Type: array

10.1.4. .spec.devices.config[]

Description: DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
Type: object

Property Type Description

opaque

object

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

requests

array (string)

Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.

References to subrequests must include the name of the main request and may include the subrequest using the format <main request>[/<subrequest>]. If just the main request is given, the configuration applies to all subrequests.

10.1.5. .spec.devices.config[].opaque

Description

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

Type

object

Required

driver
parameters

Property Type Description

driver

string

Driver is used to determine which kubelet plugin needs to be passed these configuration parameters.

An admission policy provided by the driver developer could use this to decide whether it needs to validate them.

Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters.

parameters

The length of the raw data must be smaller or equal to 10 Ki.

10.1.6. .spec.devices.constraints

Description: These constraints must be satisfied by the set of devices that get allocated for the claim.
Type: array

10.1.7. .spec.devices.constraints[]

Description: DeviceConstraint must have exactly one field set besides Requests.
Type: object

Property Type Description

distinctAttribute

string

DistinctAttribute requires that all devices in question have this attribute and that its type and value are unique across those devices.

This acts as the inverse of MatchAttribute.

This constraint is used to avoid allocating multiple requests to the same device by ensuring attribute-level differentiation.

This is useful for scenarios where resource requests must be fulfilled by separate physical devices. For example, a container requests two network interfaces that must be allocated from two different physical NICs.

matchAttribute

string

MatchAttribute requires that all devices in question have this attribute and that its type and value are the same across those devices.

For example, if you specified "dra.example.com/numa" (a hypothetical example!), then only devices in the same NUMA node will be chosen. A device which does not have that attribute will not be chosen. All devices should use a value of the same type for this attribute because that is part of its specification, but if one device doesn’t, then it also will not be chosen.

Must include the domain qualifier.

requests

array (string)

Requests is a list of the one or more requests in this claim which must co-satisfy this constraint. If a request is fulfilled by multiple devices, then all of the devices must satisfy the constraint. If this is not specified, this constraint applies to all requests in this claim.

10.1.8. .spec.devices.requests

Description: Requests represent individual requests for distinct devices which must all be satisfied. If empty, nothing needs to be allocated.
Type: array

10.1.9. .spec.devices.requests[]

Description

DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices. With FirstAvailable it is also possible to provide a prioritized list of requests.

Type

object

Required

name

Property	Type	Description
`exactly`	`object`	ExactDeviceRequest is a request for one or more identical devices.
`firstAvailable`	`array`	FirstAvailable contains subrequests, of which exactly one will be selected by the scheduler. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one can not be used. DRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.
`firstAvailable[]`	`object`	DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices. DeviceSubRequest is similar to ExactDeviceRequest, but doesn’t expose the AdminAccess field as that one is only supported when requesting a specific device.
`name`	`string`	Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim. References using the name in the DeviceRequest will uniquely identify a request when the Exactly field is set. When the FirstAvailable field is set, a reference to the name of the DeviceRequest will match whatever subrequest is chosen by the scheduler. Must be a DNS label.

10.1.10. .spec.devices.requests[].exactly

Description

ExactDeviceRequest is a request for one or more identical devices.

Type

object

Required

deviceClassName

Property	Type	Description
`adminAccess`	`boolean`	AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device. They ignore all ordinary claims to the device with respect to access modes and any resource allocations. This is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.
`allocationMode`	`string`	AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are: - ExactCount: This request is for a specific number of devices. This is the default. The exact number is provided in the count field. - All: This request is for all of the matching devices in a pool. At least one device must exist on the node for the allocation to succeed. Allocation will fail if some devices are already allocated, unless adminAccess is requested. If AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field. More modes may get added in the future. Clients must refuse to handle requests with unknown modes. Possible enum values: - `"All"` - `"ExactCount"`
`capacity`	`object`	CapacityRequirements defines the capacity requirements for a specific device request.
`count`	`integer`	Count is used only when the count mode is "ExactCount". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.
`deviceClassName`	`string`	DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request. A DeviceClassName is required. Administrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.
`selectors`	`array`	Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.
`selectors[]`	`object`	DeviceSelector must have exactly one field set.
`tolerations`	`array`	If specified, the request’s tolerations. Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute. In addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated. The maximum number of tolerations is 16. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`tolerations[]`	`object`	The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

10.1.11. .spec.devices.requests[].exactly.capacity

Description: CapacityRequirements defines the capacity requirements for a specific device request.
Type: object

Property Type Description

requests

Requests represent individual device resource requests for distinct resources, all of which must be provided by the device.

This value is used as an additional filtering condition against the available capacity on the device. This is semantically equivalent to a CEL selector with device.capacity[<domain>].<name>.compareTo(quantity(<request quantity>)) >= 0. For example, device.capacity['test-driver.cdi.k8s.io'].counters.compareTo(quantity('2')) >= 0.

When a requestPolicy is defined, the requested amount is adjusted upward to the nearest valid value based on the policy. If the requested amount cannot be adjusted to a valid value—because it exceeds what the requestPolicy allows— the device is considered ineligible for allocation.

For any capacity that is not explicitly requested: - If no requestPolicy is set, the default consumed capacity is equal to the full device capacity (i.e., the whole device is claimed). - If a requestPolicy is set, the default consumed capacity is determined according to that policy.

If the device allows multiple allocation, the aggregated amount across all requests must not exceed the capacity value. The consumed capacity, which may be adjusted based on the requestPolicy if defined, is recorded in the resource claim’s status.devices[*].consumedCapacity field.

10.1.12. .spec.devices.requests[].exactly.selectors

Description: Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.
Type: array

10.1.13. .spec.devices.requests[].exactly.selectors[]

Description: DeviceSelector must have exactly one field set.
Type: object

Property	Type	Description
`cel`	`object`	CELDeviceSelector contains a CEL expression for selecting a device.

10.1.14. .spec.devices.requests[].exactly.selectors[].cel

Description

CELDeviceSelector contains a CEL expression for selecting a device.

Type

object

Required

expression

Property Type Description

expression

string

device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules

A robust expression should check for the existence of attributes before referencing them.

For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:

cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)

The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

10.1.15. .spec.devices.requests[].exactly.tolerations

Description

If specified, the request’s tolerations.

Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.

In addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated.

The maximum number of tolerations is 16.

This is an alpha field and requires enabling the DRADeviceTaints feature gate.

Type

array

10.1.16. .spec.devices.requests[].exactly.tolerations[]

Description: The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
Type: object

Property	Type	Description
`effect`	`string`	Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute. Possible enum values: - `"NoExecute"` Evict any already-running pods that do not tolerate the device taint. - `"NoSchedule"` Do not allow new pods to schedule which use a tainted device unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. - `"None"` No effect, the taint is purely informational.
`key`	`string`	Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.
`operator`	`string`	Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category. Possible enum values: - `"Equal"` - `"Exists"`
`tolerationSeconds`	`integer`	TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.
`value`	`string`	Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.

10.1.17. .spec.devices.requests[].firstAvailable

Description

FirstAvailable contains subrequests, of which exactly one will be selected by the scheduler. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one can not be used.

DRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.

Type

array

10.1.18. .spec.devices.requests[].firstAvailable[]

Description

DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices.

DeviceSubRequest is similar to ExactDeviceRequest, but doesn’t expose the AdminAccess field as that one is only supported when requesting a specific device.

Type

object

Required

name
deviceClassName

Property	Type	Description
`allocationMode`	`string`	AllocationMode and its related fields define how devices are allocated to satisfy this subrequest. Supported values are: - ExactCount: This request is for a specific number of devices. This is the default. The exact number is provided in the count field. - All: This subrequest is for all of the matching devices in a pool. Allocation will fail if some devices are already allocated, unless adminAccess is requested. If AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other subrequests must specify this field. More modes may get added in the future. Clients must refuse to handle requests with unknown modes. Possible enum values: - `"All"` - `"ExactCount"`
`capacity`	`object`	CapacityRequirements defines the capacity requirements for a specific device request.
`count`	`integer`	Count is used only when the count mode is "ExactCount". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.
`deviceClassName`	`string`	DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this subrequest. A class is required. Which classes are available depends on the cluster. Administrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.
`name`	`string`	Name can be used to reference this subrequest in the list of constraints or the list of configurations for the claim. References must use the format <main request>/<subrequest>. Must be a DNS label.
`selectors`	`array`	Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.
`selectors[]`	`object`	DeviceSelector must have exactly one field set.
`tolerations`	`array`	If specified, the request’s tolerations. Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute. In addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated. The maximum number of tolerations is 16. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`tolerations[]`	`object`	The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

10.1.19. .spec.devices.requests[].firstAvailable[].capacity

Description: CapacityRequirements defines the capacity requirements for a specific device request.
Type: object

Property Type Description

requests

Requests represent individual device resource requests for distinct resources, all of which must be provided by the device.

10.1.20. .spec.devices.requests[].firstAvailable[].selectors

Description: Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.
Type: array

10.1.21. .spec.devices.requests[].firstAvailable[].selectors[]

Description: DeviceSelector must have exactly one field set.
Type: object

Property	Type	Description
`cel`	`object`	CELDeviceSelector contains a CEL expression for selecting a device.

10.1.22. .spec.devices.requests[].firstAvailable[].selectors[].cel

Description

CELDeviceSelector contains a CEL expression for selecting a device.

Type

object

Required

expression

Property Type Description

expression

string

device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules

A robust expression should check for the existence of attributes before referencing them.

For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:

cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)

The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

10.1.23. .spec.devices.requests[].firstAvailable[].tolerations

Description

If specified, the request’s tolerations.

Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.

The maximum number of tolerations is 16.

This is an alpha field and requires enabling the DRADeviceTaints feature gate.

Type

array

10.1.24. .spec.devices.requests[].firstAvailable[].tolerations[]

Description: The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
Type: object

Property	Type	Description
`effect`	`string`	Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute. Possible enum values: - `"NoExecute"` Evict any already-running pods that do not tolerate the device taint. - `"NoSchedule"` Do not allow new pods to schedule which use a tainted device unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. - `"None"` No effect, the taint is purely informational.
`key`	`string`	Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.
`operator`	`string`	Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category. Possible enum values: - `"Equal"` - `"Exists"`
`tolerationSeconds`	`integer`	TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.
`value`	`string`	Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.

10.1.25. .status

Description: ResourceClaimStatus tracks whether the resource has been allocated and what the result of that was.
Type: object

Property	Type	Description
`allocation`	`object`	AllocationResult contains attributes of an allocated resource.
`devices`	`array`	Devices contains the status of each device allocated for this claim, as reported by the driver. This can include driver-specific information. Entries are owned by their respective drivers.
`devices[]`	`object`	AllocatedDeviceStatus contains the status of an allocated device, if the driver chooses to report it. This may include driver-specific information. The combination of Driver, Pool, Device, and ShareID must match the corresponding key in Status.Allocation.Devices.
`reservedFor`	`array`	ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started. A claim that is in use or might be in use because it has been reserved must not get deallocated. In a cluster with multiple scheduler instances, two pods might get scheduled concurrently by different schedulers. When they reference the same ResourceClaim which already has reached its maximum number of consumers, only one pod can be scheduled. Both schedulers try to add their pod to the claim.status.reservedFor field, but only the update that reaches the API server first gets stored. The other one fails with an error and the scheduler which issued it knows that it must put the pod back into the queue, waiting for the ResourceClaim to become usable again. There can be at most 256 such reservations. This may get increased in the future, but not reduced.
`reservedFor[]`	`object`	ResourceClaimConsumerReference contains enough information to let you locate the consumer of a ResourceClaim. The user must be a resource in the same namespace as the ResourceClaim.

10.1.26. .status.allocation

Description: AllocationResult contains attributes of an allocated resource.
Type: object

Property Type Description

allocationTimestamp

Time

AllocationTimestamp stores the time when the resources were allocated. This field is not guaranteed to be set, in which case that time is unknown.

This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gate.

devices

object

DeviceAllocationResult is the result of allocating devices.

nodeSelector

NodeSelector

NodeSelector defines where the allocated resources are available. If unset, they are available everywhere.

10.1.27. .status.allocation.devices

Description: DeviceAllocationResult is the result of allocating devices.
Type: object

Property	Type	Description
`config`	`array`	This field is a combination of all the claim and class configuration parameters. Drivers can distinguish between those based on a flag. This includes configuration parameters for drivers which have no allocated devices in the result because it is up to the drivers which configuration parameters they support. They can silently ignore unknown configuration parameters.
`config[]`	`object`	DeviceAllocationConfiguration gets embedded in an AllocationResult.
`results`	`array`	Results lists all allocated devices.
`results[]`	`object`	DeviceRequestAllocationResult contains the allocation result for one request.

10.1.28. .status.allocation.devices.config

Description

This field is a combination of all the claim and class configuration parameters. Drivers can distinguish between those based on a flag.

This includes configuration parameters for drivers which have no allocated devices in the result because it is up to the drivers which configuration parameters they support. They can silently ignore unknown configuration parameters.

Type

array

10.1.29. .status.allocation.devices.config[]

Description

DeviceAllocationConfiguration gets embedded in an AllocationResult.

Type

object

Required

source

Property Type Description

opaque

object

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

requests

array (string)

Requests lists the names of requests where the configuration applies. If empty, its applies to all requests.

source

string

Source records whether the configuration comes from a class and thus is not something that a normal user would have been able to set or from a claim.

Possible enum values: - "FromClaim" - "FromClass"

10.1.30. .status.allocation.devices.config[].opaque

Description

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

Type

object

Required

driver
parameters

Property Type Description

driver

string

Driver is used to determine which kubelet plugin needs to be passed these configuration parameters.

An admission policy provided by the driver developer could use this to decide whether it needs to validate them.

Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters.

parameters

The length of the raw data must be smaller or equal to 10 Ki.

10.1.31. .status.allocation.devices.results

Description: Results lists all allocated devices.
Type: array

10.1.32. .status.allocation.devices.results[]

Description

DeviceRequestAllocationResult contains the allocation result for one request.

Type

object

Required

request
driver
pool
device

Property	Type	Description
`adminAccess`	`boolean`	AdminAccess indicates that this device was allocated for administrative access. See the corresponding request field for a definition of mode. This is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.
`bindingConditions`	`array (string)`	BindingConditions contains a copy of the BindingConditions from the corresponding ResourceSlice at the time of allocation. This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gates.
`bindingFailureConditions`	`array (string)`	BindingFailureConditions contains a copy of the BindingFailureConditions from the corresponding ResourceSlice at the time of allocation. This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gates.
`consumedCapacity`	`object (Quantity)`	ConsumedCapacity tracks the amount of capacity consumed per device as part of the claim request. The consumed amount may differ from the requested amount: it is rounded up to the nearest valid value based on the device’s requestPolicy if applicable (i.e., may not be less than the requested amount). The total consumed capacity for each device must not exceed the DeviceCapacity’s Value. This field is populated only for devices that allow multiple allocations. All capacity entries are included, even if the consumed amount is zero.
`device`	`string`	Device references one device instance via its name in the driver’s resource pool. It must be a DNS label.
`driver`	`string`	Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node. Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters.
`pool`	`string`	This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`). Must not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.
`request`	`string`	Request is the name of the request in the claim which caused this device to be allocated. If it references a subrequest in the firstAvailable list on a DeviceRequest, this field must include both the name of the main request and the subrequest using the format <main request>/<subrequest>. Multiple devices may have been allocated per request.
`shareID`	`string`	ShareID uniquely identifies an individual allocation share of the device, used when the device supports multiple simultaneous allocations. It serves as an additional map key to differentiate concurrent shares of the same device.
`tolerations`	`array`	A copy of all tolerations specified in the request at the time when the device got allocated. The maximum number of tolerations is 16. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`tolerations[]`	`object`	The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

10.1.33. .status.allocation.devices.results[].tolerations

Description

A copy of all tolerations specified in the request at the time when the device got allocated.

The maximum number of tolerations is 16.

This is an alpha field and requires enabling the DRADeviceTaints feature gate.

Type

array

10.1.34. .status.allocation.devices.results[].tolerations[]

Description: The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
Type: object

Property	Type	Description
`effect`	`string`	Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute. Possible enum values: - `"NoExecute"` Evict any already-running pods that do not tolerate the device taint. - `"NoSchedule"` Do not allow new pods to schedule which use a tainted device unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. - `"None"` No effect, the taint is purely informational.
`key`	`string`	Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.
`operator`	`string`	Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category. Possible enum values: - `"Equal"` - `"Exists"`
`tolerationSeconds`	`integer`	TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.
`value`	`string`	Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.

10.1.35. .status.devices

Description: Devices contains the status of each device allocated for this claim, as reported by the driver. This can include driver-specific information. Entries are owned by their respective drivers.
Type: array

10.1.36. .status.devices[]

Description

AllocatedDeviceStatus contains the status of an allocated device, if the driver chooses to report it. This may include driver-specific information.

The combination of Driver, Pool, Device, and ShareID must match the corresponding key in Status.Allocation.Devices.

Type

object

Required

driver
pool
device

Property	Type	Description
`conditions`	`array (Condition)`	Conditions contains the latest observation of the device’s state. If the device has been configured according to the class and claim config references, the `Ready` condition should be True. Must not contain more than 8 entries.
`data`	`RawExtension`	Data contains arbitrary driver-specific data. The length of the raw data must be smaller or equal to 10 Ki.
`device`	`string`	Device references one device instance via its name in the driver’s resource pool. It must be a DNS label.
`driver`	`string`	Driver specifies the name of the DRA driver whose kubelet plugin should be invoked to process the allocation once the claim is needed on a node. Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters.
`networkData`	`object`	NetworkDeviceData provides network-related details for the allocated device. This information may be filled by drivers or other components to configure or identify the device within a network context.
`pool`	`string`	This name together with the driver name and the device name field identify which device was allocated (`<driver name>/<pool name>/<device name>`). Must not be longer than 253 characters and may contain one or more DNS sub-domains separated by slashes.
`shareID`	`string`	ShareID uniquely identifies an individual allocation share of the device.

10.1.37. .status.devices[].networkData

Description: NetworkDeviceData provides network-related details for the allocated device. This information may be filled by drivers or other components to configure or identify the device within a network context.
Type: object

Property Type Description

hardwareAddress

string

HardwareAddress represents the hardware address (e.g. MAC Address) of the device’s network interface.

Must not be longer than 128 characters.

interfaceName

string

InterfaceName specifies the name of the network interface associated with the allocated device. This might be the name of a physical or virtual network interface being configured in the pod.

Must not be longer than 256 characters.

ips

array (string)

IPs lists the network addresses assigned to the device’s network interface. This can include both IPv4 and IPv6 addresses. The IPs are in the CIDR notation, which includes both the address and the associated subnet mask. e.g.: "192.0.2.5/24" for IPv4 and "2001:db8::5/64" for IPv6.

10.1.38. .status.reservedFor

Description

ReservedFor indicates which entities are currently allowed to use the claim. A Pod which references a ResourceClaim which is not reserved for that Pod will not be started. A claim that is in use or might be in use because it has been reserved must not get deallocated.

In a cluster with multiple scheduler instances, two pods might get scheduled concurrently by different schedulers. When they reference the same ResourceClaim which already has reached its maximum number of consumers, only one pod can be scheduled.

Both schedulers try to add their pod to the claim.status.reservedFor field, but only the update that reaches the API server first gets stored. The other one fails with an error and the scheduler which issued it knows that it must put the pod back into the queue, waiting for the ResourceClaim to become usable again.

There can be at most 256 such reservations. This may get increased in the future, but not reduced.

Type

array

10.1.39. .status.reservedFor[]

Description

ResourceClaimConsumerReference contains enough information to let you locate the consumer of a ResourceClaim. The user must be a resource in the same namespace as the ResourceClaim.

Type

object

Required

resource
name
uid

Property	Type	Description
`apiGroup`	`string`	APIGroup is the group for the resource being referenced. It is empty for the core API. This matches the group in the APIVersion that is used when creating the resources.
`name`	`string`	Name is the name of resource being referenced.
`resource`	`string`	Resource is the type of resource being referenced, for example "pods".
`uid`	`string`	UID identifies exactly one incarnation of the resource.

10.2. API endpoints

The following API endpoints are available:

/apis/resource.k8s.io/v1/resourceclaims
- GET: list or watch objects of kind ResourceClaim
/apis/resource.k8s.io/v1/watch/resourceclaims
- GET: watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
/apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims
- DELETE: delete collection of ResourceClaim
- GET: list or watch objects of kind ResourceClaim
- POST: create a ResourceClaim
/apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaims
- GET: watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.
/apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims/{name}
- DELETE: delete a ResourceClaim
- GET: read the specified ResourceClaim
- PATCH: partially update the specified ResourceClaim
- PUT: replace the specified ResourceClaim
/apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaims/{name}
- GET: watch changes to an object of kind ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.
/apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims/{name}/status
- GET: read status of the specified ResourceClaim
- PATCH: partially update status of the specified ResourceClaim
- PUT: replace status of the specified ResourceClaim

10.2.1. /apis/resource.k8s.io/v1/resourceclaims

HTTP method: GET
Description: list or watch objects of kind ResourceClaim

Table 10.1. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimList` schema
401 - Unauthorized	Empty

10.2.2. /apis/resource.k8s.io/v1/watch/resourceclaims

HTTP method: GET
Description: watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.

Table 10.2. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

10.2.3. /apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims

HTTP method: DELETE
Description: delete collection of ResourceClaim

Table 10.3. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 10.4. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind ResourceClaim

Table 10.5. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a ResourceClaim

Table 10.6. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.7. Body parameters

Parameter	Type	Description
`body`	`ResourceClaim` schema

Table 10.8. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
201 - Created	`ResourceClaim` schema
202 - Accepted	`ResourceClaim` schema
401 - Unauthorized	Empty

10.2.4. /apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaims

HTTP method: GET
Description: watch individual changes to a list of ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead.

Table 10.9. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

10.2.5. /apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims/{name}

Table 10.10. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceClaim

HTTP method: DELETE
Description: delete a ResourceClaim

Table 10.11. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 10.12. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
202 - Accepted	`ResourceClaim` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified ResourceClaim

Table 10.13. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified ResourceClaim

Table 10.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.15. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
201 - Created	`ResourceClaim` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified ResourceClaim

Table 10.16. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.17. Body parameters

Parameter	Type	Description
`body`	`ResourceClaim` schema

Table 10.18. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
201 - Created	`ResourceClaim` schema
401 - Unauthorized	Empty

10.2.6. /apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaims/{name}

Table 10.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceClaim

HTTP method: GET
Description: watch changes to an object of kind ResourceClaim. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 10.20. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

10.2.7. /apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaims/{name}/status

Table 10.21. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceClaim

HTTP method: GET
Description: read status of the specified ResourceClaim

Table 10.22. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update status of the specified ResourceClaim

Table 10.23. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.24. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
201 - Created	`ResourceClaim` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace status of the specified ResourceClaim

Table 10.25. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 10.26. Body parameters

Parameter	Type	Description
`body`	`ResourceClaim` schema

Table 10.27. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaim` schema
201 - Created	`ResourceClaim` schema
401 - Unauthorized	Empty

Chapter 11. ResourceClaimTemplate [resource.k8s.io/v1]

Description

ResourceClaimTemplate is used to produce ResourceClaim objects.

This is an alpha type and requires enabling the DynamicResourceAllocation feature gate.

Type

object

Required

spec

11.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object metadata
`spec`	`object`	ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.

11.1.1. .spec

Description

ResourceClaimTemplateSpec contains the metadata and fields for a ResourceClaim.

Type

object

Required

spec

Property	Type	Description
`metadata`	`ObjectMeta`	ObjectMeta may contain labels and annotations that will be copied into the ResourceClaim when creating it. No other fields are allowed and will be rejected during validation.
`spec`	`object`	ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.

11.1.2. .spec.spec

Description: ResourceClaimSpec defines what is being requested in a ResourceClaim and how to configure it.
Type: object

Property	Type	Description
`devices`	`object`	DeviceClaim defines how to request devices with a ResourceClaim.

11.1.3. .spec.spec.devices

Description: DeviceClaim defines how to request devices with a ResourceClaim.
Type: object

Property	Type	Description
`config`	`array`	This field holds configuration for multiple potential drivers which could satisfy requests in this claim. It is ignored while allocating the claim.
`config[]`	`object`	DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
`constraints`	`array`	These constraints must be satisfied by the set of devices that get allocated for the claim.
`constraints[]`	`object`	DeviceConstraint must have exactly one field set besides Requests.
`requests`	`array`	Requests represent individual requests for distinct devices which must all be satisfied. If empty, nothing needs to be allocated.
`requests[]`	`object`	DeviceRequest is a request for devices required for a claim. This is typically a request for a single resource like a device, but can also ask for several identical devices. With FirstAvailable it is also possible to provide a prioritized list of requests.

11.1.4. .spec.spec.devices.config

Description: This field holds configuration for multiple potential drivers which could satisfy requests in this claim. It is ignored while allocating the claim.
Type: array

11.1.5. .spec.spec.devices.config[]

Description: DeviceClaimConfiguration is used for configuration parameters in DeviceClaim.
Type: object

Property Type Description

opaque

object

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

requests

array (string)

Requests lists the names of requests where the configuration applies. If empty, it applies to all requests.

11.1.6. .spec.spec.devices.config[].opaque

Description

OpaqueDeviceConfiguration contains configuration parameters for a driver in a format defined by the driver vendor.

Type

object

Required

driver
parameters

Property Type Description

driver

string

Driver is used to determine which kubelet plugin needs to be passed these configuration parameters.

An admission policy provided by the driver developer could use this to decide whether it needs to validate them.

Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters.

parameters

The length of the raw data must be smaller or equal to 10 Ki.

11.1.7. .spec.spec.devices.constraints

Description: These constraints must be satisfied by the set of devices that get allocated for the claim.
Type: array

11.1.8. .spec.spec.devices.constraints[]

Description: DeviceConstraint must have exactly one field set besides Requests.
Type: object

Property Type Description

distinctAttribute

string

DistinctAttribute requires that all devices in question have this attribute and that its type and value are unique across those devices.

This acts as the inverse of MatchAttribute.

This constraint is used to avoid allocating multiple requests to the same device by ensuring attribute-level differentiation.

matchAttribute

string

MatchAttribute requires that all devices in question have this attribute and that its type and value are the same across those devices.

Must include the domain qualifier.

requests

array (string)

11.1.9. .spec.spec.devices.requests

Description: Requests represent individual requests for distinct devices which must all be satisfied. If empty, nothing needs to be allocated.
Type: array

11.1.10. .spec.spec.devices.requests[]

Description

Type

object

Required

name

Property	Type	Description
`exactly`	`object`	ExactDeviceRequest is a request for one or more identical devices.
`firstAvailable`	`array`	FirstAvailable contains subrequests, of which exactly one will be selected by the scheduler. It tries to satisfy them in the order in which they are listed here. So if there are two entries in the list, the scheduler will only check the second one if it determines that the first one can not be used. DRA does not yet implement scoring, so the scheduler will select the first set of devices that satisfies all the requests in the claim. And if the requirements can be satisfied on more than one node, other scheduling features will determine which node is chosen. This means that the set of devices allocated to a claim might not be the optimal set available to the cluster. Scoring will be implemented later.
`firstAvailable[]`	`object`	DeviceSubRequest describes a request for device provided in the claim.spec.devices.requests[].firstAvailable array. Each is typically a request for a single resource like a device, but can also ask for several identical devices. DeviceSubRequest is similar to ExactDeviceRequest, but doesn’t expose the AdminAccess field as that one is only supported when requesting a specific device.
`name`	`string`	Name can be used to reference this request in a pod.spec.containers[].resources.claims entry and in a constraint of the claim. References using the name in the DeviceRequest will uniquely identify a request when the Exactly field is set. When the FirstAvailable field is set, a reference to the name of the DeviceRequest will match whatever subrequest is chosen by the scheduler. Must be a DNS label.

11.1.11. .spec.spec.devices.requests[].exactly

Description

ExactDeviceRequest is a request for one or more identical devices.

Type

object

Required

deviceClassName

Property	Type	Description
`adminAccess`	`boolean`	AdminAccess indicates that this is a claim for administrative access to the device(s). Claims with AdminAccess are expected to be used for monitoring or other management services for a device. They ignore all ordinary claims to the device with respect to access modes and any resource allocations. This is an alpha field and requires enabling the DRAAdminAccess feature gate. Admin access is disabled if this field is unset or set to false, otherwise it is enabled.
`allocationMode`	`string`	AllocationMode and its related fields define how devices are allocated to satisfy this request. Supported values are: - ExactCount: This request is for a specific number of devices. This is the default. The exact number is provided in the count field. - All: This request is for all of the matching devices in a pool. At least one device must exist on the node for the allocation to succeed. Allocation will fail if some devices are already allocated, unless adminAccess is requested. If AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other requests must specify this field. More modes may get added in the future. Clients must refuse to handle requests with unknown modes. Possible enum values: - `"All"` - `"ExactCount"`
`capacity`	`object`	CapacityRequirements defines the capacity requirements for a specific device request.
`count`	`integer`	Count is used only when the count mode is "ExactCount". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.
`deviceClassName`	`string`	DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this request. A DeviceClassName is required. Administrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.
`selectors`	`array`	Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.
`selectors[]`	`object`	DeviceSelector must have exactly one field set.
`tolerations`	`array`	If specified, the request’s tolerations. Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute. In addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated. The maximum number of tolerations is 16. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`tolerations[]`	`object`	The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

11.1.12. .spec.spec.devices.requests[].exactly.capacity

Description: CapacityRequirements defines the capacity requirements for a specific device request.
Type: object

Property Type Description

requests

Requests represent individual device resource requests for distinct resources, all of which must be provided by the device.

11.1.13. .spec.spec.devices.requests[].exactly.selectors

Description: Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this request. All selectors must be satisfied for a device to be considered.
Type: array

11.1.14. .spec.spec.devices.requests[].exactly.selectors[]

Description: DeviceSelector must have exactly one field set.
Type: object

Property	Type	Description
`cel`	`object`	CELDeviceSelector contains a CEL expression for selecting a device.

11.1.15. .spec.spec.devices.requests[].exactly.selectors[].cel

Description

CELDeviceSelector contains a CEL expression for selecting a device.

Type

object

Required

expression

Property Type Description

expression

string

device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules

A robust expression should check for the existence of attributes before referencing them.

For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:

cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)

The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

11.1.16. .spec.spec.devices.requests[].exactly.tolerations

Description

If specified, the request’s tolerations.

Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.

The maximum number of tolerations is 16.

This is an alpha field and requires enabling the DRADeviceTaints feature gate.

Type

array

11.1.17. .spec.spec.devices.requests[].exactly.tolerations[]

Description: The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
Type: object

Property	Type	Description
`effect`	`string`	Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute. Possible enum values: - `"NoExecute"` Evict any already-running pods that do not tolerate the device taint. - `"NoSchedule"` Do not allow new pods to schedule which use a tainted device unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. - `"None"` No effect, the taint is purely informational.
`key`	`string`	Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.
`operator`	`string`	Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category. Possible enum values: - `"Equal"` - `"Exists"`
`tolerationSeconds`	`integer`	TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.
`value`	`string`	Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.

11.1.18. .spec.spec.devices.requests[].firstAvailable

Description

Type

array

11.1.19. .spec.spec.devices.requests[].firstAvailable[]

Description

DeviceSubRequest is similar to ExactDeviceRequest, but doesn’t expose the AdminAccess field as that one is only supported when requesting a specific device.

Type

object

Required

name
deviceClassName

Property	Type	Description
`allocationMode`	`string`	AllocationMode and its related fields define how devices are allocated to satisfy this subrequest. Supported values are: - ExactCount: This request is for a specific number of devices. This is the default. The exact number is provided in the count field. - All: This subrequest is for all of the matching devices in a pool. Allocation will fail if some devices are already allocated, unless adminAccess is requested. If AllocationMode is not specified, the default mode is ExactCount. If the mode is ExactCount and count is not specified, the default count is one. Any other subrequests must specify this field. More modes may get added in the future. Clients must refuse to handle requests with unknown modes. Possible enum values: - `"All"` - `"ExactCount"`
`capacity`	`object`	CapacityRequirements defines the capacity requirements for a specific device request.
`count`	`integer`	Count is used only when the count mode is "ExactCount". Must be greater than zero. If AllocationMode is ExactCount and this field is not specified, the default is one.
`deviceClassName`	`string`	DeviceClassName references a specific DeviceClass, which can define additional configuration and selectors to be inherited by this subrequest. A class is required. Which classes are available depends on the cluster. Administrators may use this to restrict which devices may get requested by only installing classes with selectors for permitted devices. If users are free to request anything without restrictions, then administrators can create an empty DeviceClass for users to reference.
`name`	`string`	Name can be used to reference this subrequest in the list of constraints or the list of configurations for the claim. References must use the format <main request>/<subrequest>. Must be a DNS label.
`selectors`	`array`	Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.
`selectors[]`	`object`	DeviceSelector must have exactly one field set.
`tolerations`	`array`	If specified, the request’s tolerations. Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute. In addition, should any of the allocated devices get tainted with NoExecute after allocation and that effect is not tolerated, then all pods consuming the ResourceClaim get deleted to evict them. The scheduler will not let new pods reserve the claim while it has these tainted devices. Once all pods are evicted, the claim will get deallocated. The maximum number of tolerations is 16. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`tolerations[]`	`object`	The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.

11.1.20. .spec.spec.devices.requests[].firstAvailable[].capacity

Description: CapacityRequirements defines the capacity requirements for a specific device request.
Type: object

Property Type Description

requests

Requests represent individual device resource requests for distinct resources, all of which must be provided by the device.

11.1.21. .spec.spec.devices.requests[].firstAvailable[].selectors

Description: Selectors define criteria which must be satisfied by a specific device in order for that device to be considered for this subrequest. All selectors must be satisfied for a device to be considered.
Type: array

11.1.22. .spec.spec.devices.requests[].firstAvailable[].selectors[]

Description: DeviceSelector must have exactly one field set.
Type: object

Property	Type	Description
`cel`	`object`	CELDeviceSelector contains a CEL expression for selecting a device.

11.1.23. .spec.spec.devices.requests[].firstAvailable[].selectors[].cel

Description

CELDeviceSelector contains a CEL expression for selecting a device.

Type

object

Required

expression

Property Type Description

expression

string

device.driver device.attributes["dra.example.com"].model device.attributes["ext.example.com"].family device.capacity["dra.example.com"].modules

A robust expression should check for the existence of attributes before referencing them.

For ease of use, the cel.bind() function is enabled, and can be used to simplify expressions that access multiple attributes with the same domain. For example:

cel.bind(dra, device.attributes["dra.example.com"], dra.someBool && dra.anotherBool)

The length of the expression must be smaller or equal to 10 Ki. The cost of evaluating it is also limited based on the estimated number of logical steps.

11.1.24. .spec.spec.devices.requests[].firstAvailable[].tolerations

Description

If specified, the request’s tolerations.

Tolerations for NoSchedule are required to allocate a device which has a taint with that effect. The same applies to NoExecute.

The maximum number of tolerations is 16.

This is an alpha field and requires enabling the DRADeviceTaints feature gate.

Type

array

11.1.25. .spec.spec.devices.requests[].firstAvailable[].tolerations[]

Description: The ResourceClaim this DeviceToleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
Type: object

Property	Type	Description
`effect`	`string`	Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule and NoExecute. Possible enum values: - `"NoExecute"` Evict any already-running pods that do not tolerate the device taint. - `"NoSchedule"` Do not allow new pods to schedule which use a tainted device unless they tolerate the taint, but allow all pods submitted to Kubelet without going through the scheduler to start, and allow all already-running pods to continue running. - `"None"` No effect, the taint is purely informational.
`key`	`string`	Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. Must be a label name.
`operator`	`string`	Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a ResourceClaim can tolerate all taints of a particular category. Possible enum values: - `"Equal"` - `"Exists"`
`tolerationSeconds`	`integer`	TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. If larger than zero, the time when the pod needs to be evicted is calculated as <time when taint was adedd> + <toleration seconds>.
`value`	`string`	Value is the taint value the toleration matches to. If the operator is Exists, the value must be empty, otherwise just a regular string. Must be a label value.

11.2. API endpoints

The following API endpoints are available:

/apis/resource.k8s.io/v1/resourceclaimtemplates
- GET: list or watch objects of kind ResourceClaimTemplate
/apis/resource.k8s.io/v1/watch/resourceclaimtemplates
- GET: watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.
/apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaimtemplates
- DELETE: delete collection of ResourceClaimTemplate
- GET: list or watch objects of kind ResourceClaimTemplate
- POST: create a ResourceClaimTemplate
/apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaimtemplates
- GET: watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.
/apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaimtemplates/{name}
- DELETE: delete a ResourceClaimTemplate
- GET: read the specified ResourceClaimTemplate
- PATCH: partially update the specified ResourceClaimTemplate
- PUT: replace the specified ResourceClaimTemplate
/apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaimtemplates/{name}
- GET: watch changes to an object of kind ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

11.2.1. /apis/resource.k8s.io/v1/resourceclaimtemplates

HTTP method: GET
Description: list or watch objects of kind ResourceClaimTemplate

Table 11.1. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplateList` schema
401 - Unauthorized	Empty

11.2.2. /apis/resource.k8s.io/v1/watch/resourceclaimtemplates

HTTP method: GET
Description: watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.

Table 11.2. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

11.2.3. /apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaimtemplates

HTTP method: DELETE
Description: delete collection of ResourceClaimTemplate

Table 11.3. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 11.4. HTTP responses

HTTP code	Reponse body
200 - OK	`Status` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: list or watch objects of kind ResourceClaimTemplate

Table 11.5. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplateList` schema
401 - Unauthorized	Empty

HTTP method: POST
Description: create a ResourceClaimTemplate

Table 11.6. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.7. Body parameters

Parameter	Type	Description
`body`	`ResourceClaimTemplate` schema

Table 11.8. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplate` schema
201 - Created	`ResourceClaimTemplate` schema
202 - Accepted	`ResourceClaimTemplate` schema
401 - Unauthorized	Empty

11.2.4. /apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaimtemplates

HTTP method: GET
Description: watch individual changes to a list of ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead.

Table 11.9. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

11.2.5. /apis/resource.k8s.io/v1/namespaces/{namespace}/resourceclaimtemplates/{name}

Table 11.10. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceClaimTemplate

HTTP method: DELETE
Description: delete a ResourceClaimTemplate

Table 11.11. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed

Table 11.12. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplate` schema
202 - Accepted	`ResourceClaimTemplate` schema
401 - Unauthorized	Empty

HTTP method: GET
Description: read the specified ResourceClaimTemplate

Table 11.13. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplate` schema
401 - Unauthorized	Empty

HTTP method: PATCH
Description: partially update the specified ResourceClaimTemplate

Table 11.14. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.15. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplate` schema
201 - Created	`ResourceClaimTemplate` schema
401 - Unauthorized	Empty

HTTP method: PUT
Description: replace the specified ResourceClaimTemplate

Table 11.16. Query parameters

Parameter	Type	Description
`dryRun`	`string`	When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed
`fieldValidation`	`string`	fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default in v1.23+ - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.

Table 11.17. Body parameters

Parameter	Type	Description
`body`	`ResourceClaimTemplate` schema

Table 11.18. HTTP responses

HTTP code	Reponse body
200 - OK	`ResourceClaimTemplate` schema
201 - Created	`ResourceClaimTemplate` schema
401 - Unauthorized	Empty

11.2.6. /apis/resource.k8s.io/v1/watch/namespaces/{namespace}/resourceclaimtemplates/{name}

Table 11.19. Global path parameters

Parameter	Type	Description
`name`	`string`	name of the ResourceClaimTemplate

HTTP method: GET
Description: watch changes to an object of kind ResourceClaimTemplate. deprecated: use the 'watch' parameter with a list operation instead, filtered to a single item with the 'fieldSelector' parameter.

Table 11.20. HTTP responses

HTTP code	Reponse body
200 - OK	`WatchEvent` schema
401 - Unauthorized	Empty

Chapter 12. ResourceSlice [resource.k8s.io/v1]

Description

For resources that are not local to a node, the node name is not set. Instead, the driver may use a node selector to specify where the devices are available.

This is an alpha type and requires enabling the DynamicResourceAllocation feature gate.

Type

object

Required

spec

12.1. Specification

Property	Type	Description
`apiVersion`	`string`	APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
`kind`	`string`	Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: Content from git.k8s.io is not included.https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
`metadata`	`ObjectMeta`	Standard object metadata
`spec`	`object`	ResourceSliceSpec contains the information published by the driver in one ResourceSlice.

12.1.1. .spec

Description

ResourceSliceSpec contains the information published by the driver in one ResourceSlice.

Type

object

Required

driver
pool

Property	Type	Description
`allNodes`	`boolean`	AllNodes indicates that all nodes have access to the resources in the pool. Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
`devices`	`array`	Devices lists some or all of the devices in this pool. Must not have more than 128 entries. If any device uses taints or consumes counters the limit is 64. Only one of Devices and SharedCounters can be set in a ResourceSlice.
`devices[]`	`object`	Device represents one individual hardware instance that can be selected based on its attributes. Besides the name, exactly one field must be set.
`driver`	`string`	Driver identifies the DRA driver providing the capacity information. A field selector can be used to list only ResourceSlice objects with a certain driver name. Must be a DNS subdomain and should end with a DNS domain owned by the vendor of the driver. It should use only lower case characters. This field is immutable.
`nodeName`	`string`	NodeName identifies the node which provides the resources in this pool. A field selector can be used to list only ResourceSlice objects belonging to a certain node. This field can be used to limit access from nodes to ResourceSlices with the same node name. It also indicates to autoscalers that adding new nodes of the same type as some old node might also make new resources available. Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set. This field is immutable.
`nodeSelector`	`NodeSelector`	NodeSelector defines which nodes have access to the resources in the pool, when that pool is not limited to a single node. Must use exactly one term. Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
`perDeviceNodeSelection`	`boolean`	PerDeviceNodeSelection defines whether the access from nodes to resources in the pool is set on the ResourceSlice level or on each device. If it is set to true, every device defined the ResourceSlice must specify this individually. Exactly one of NodeName, NodeSelector, AllNodes, and PerDeviceNodeSelection must be set.
`pool`	`object`	ResourcePool describes the pool that ResourceSlices belong to.
`sharedCounters`	`array`	SharedCounters defines a list of counter sets, each of which has a name and a list of counters available. The names of the counter sets must be unique in the ResourcePool. Only one of Devices and SharedCounters can be set in a ResourceSlice. The maximum number of counter sets is 8.
`sharedCounters[]`	`object`	CounterSet defines a named set of counters that are available to be used by devices defined in the ResourcePool. The counters are not allocatable by themselves, but can be referenced by devices. When a device is allocated, the portion of counters it uses will no longer be available for use by other devices.

12.1.2. .spec.devices

Description

Devices lists some or all of the devices in this pool.

Must not have more than 128 entries. If any device uses taints or consumes counters the limit is 64.

Only one of Devices and SharedCounters can be set in a ResourceSlice.

Type

array

12.1.3. .spec.devices[]

Description

Device represents one individual hardware instance that can be selected based on its attributes. Besides the name, exactly one field must be set.

Type

object

Required

name

Property	Type	Description
`allNodes`	`boolean`	AllNodes indicates that all nodes have access to the device. Must only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.
`allowMultipleAllocations`	`boolean`	AllowMultipleAllocations marks whether the device is allowed to be allocated to multiple DeviceRequests. If AllowMultipleAllocations is set to true, the device can be allocated more than once, and all of its capacity is consumable, regardless of whether the requestPolicy is defined or not.
`attributes`	`object`	Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set. The maximum number of attributes and capacities combined is 32.
`attributes{}`	`object`	DeviceAttribute must have exactly one field set.
`bindingConditions`	`array (string)`	BindingConditions defines the conditions for proceeding with binding. All of these conditions must be set in the per-device status conditions with a value of True to proceed with binding the pod to the node while scheduling the pod. The maximum number of binding conditions is 4. The conditions must be a valid condition type string. This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gates.
`bindingFailureConditions`	`array (string)`	BindingFailureConditions defines the conditions for binding failure. They may be set in the per-device status conditions. If any is set to "True", a binding failure occurred. The maximum number of binding failure conditions is 4. The conditions must be a valid condition type string. This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gates.
`bindsToNode`	`boolean`	BindsToNode indicates if the usage of an allocation involving this device has to be limited to exactly the node that was chosen when allocating the claim. If set to true, the scheduler will set the ResourceClaim.Status.Allocation.NodeSelector to match the node where the allocation was made. This is an alpha field and requires enabling the DRADeviceBindingConditions and DRAResourceClaimDeviceStatus feature gates.
`capacity`	`object`	Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set. The maximum number of attributes and capacities combined is 32.
`capacity{}`	`object`	DeviceCapacity describes a quantity associated with a device.
`consumesCounters`	`array`	ConsumesCounters defines a list of references to sharedCounters and the set of counters that the device will consume from those counter sets. There can only be a single entry per counterSet. The maximum number of device counter consumptions per device is 2.
`consumesCounters[]`	`object`	DeviceCounterConsumption defines a set of counters that a device will consume from a CounterSet.
`name`	`string`	Name is unique identifier among all devices managed by the driver in the pool. It must be a DNS label.
`nodeName`	`string`	NodeName identifies the node where the device is available. Must only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.
`nodeSelector`	`NodeSelector`	NodeSelector defines the nodes where the device is available. Must use exactly one term. Must only be set if Spec.PerDeviceNodeSelection is set to true. At most one of NodeName, NodeSelector and AllNodes can be set.
`taints`	`array`	If specified, these are the driver-defined taints. The maximum number of taints is 16. If taints are set for any device in a ResourceSlice, then the maximum number of allowed devices per ResourceSlice is 64 instead of 128. This is an alpha field and requires enabling the DRADeviceTaints feature gate.
`taints[]`	`object`	The device this taint is attached to has the "effect" on any claim which does not tolerate the taint and, through the claim, to pods using the claim.

12.1.4. .spec.devices[].attributes

Description

Attributes defines the set of attributes for this device. The name of each attribute must be unique in that set.

The maximum number of attributes and capacities combined is 32.

Type

object

12.1.5. .spec.devices[].attributes{}

Description: DeviceAttribute must have exactly one field set.
Type: object

Property	Type	Description
`bool`	`boolean`	BoolValue is a true/false value.
`int`	`integer`	IntValue is a number.
`string`	`string`	StringValue is a string. Must not be longer than 64 characters.
`version`	`string`	VersionValue is a semantic version according to semver.org spec 2.0.0. Must not be longer than 64 characters.

12.1.6. .spec.devices[].capacity

Description

Capacity defines the set of capacities for this device. The name of each capacity must be unique in that set.

The maximum number of attributes and capacities combined is 32.

Type

object

12.1.7. .spec.devices[].capacity{}

Description

DeviceCapacity describes a quantity associated with a device.

Type

object

Required

value

Property Type Description

requestPolicy

object

CapacityRequestPolicy defines how requests consume device capacity.

Must not set more than one ValidRequestValues.

value

Value defines how much of a certain capacity that device has.

This field reflects the fixed total capacity and does not change. The consumed amount is tracked separately by scheduler and does not affect this value.

12.1.8. .spec.devices[].capacity{}.requestPolicy

Description

CapacityRequestPolicy defines how requests consume device capacity.

Must not set more than one ValidRequestValues.

Type

object

Property Type Description

default

Default specifies how much of this capacity is consumed by a request that does not contain an entry for it in DeviceRequest’s Capacity.

validRange

object

CapacityRequestPolicyRange defines a valid range for consumable capacity values.

- If the requested amount is less than Min, it is rounded up to the Min value. - If Step is set and the requested amount is between Min and Max but not aligned with Step, it will be rounded up to the next value equal to Min + (n * Step). - If Step is not set, the requested amount is used as-is if it falls within the range Min to Max (if set). - If the requested or rounded amount exceeds Max (if set), the request does not satisfy the policy, and the device cannot be allocated.

validValues

array (Quantity)

ValidValues defines a set of acceptable quantity values in consuming requests.

Must not contain more than 10 entries. Must be sorted in ascending order.

If this field is set, Default must be defined and it must be included in ValidValues list.

If the requested amount does not match any valid value but smaller than some valid values, the scheduler calculates the smallest valid value that is greater than or equal to the request. That is: min(ceil(requestedValue) ∈ validValues), where requestedValue ≤ max(validValues).

If the requested amount exceeds all valid values, the request violates the policy, and this device cannot be allocated.

12.1.9. .spec.devices[].capacity{}.requestPolicy.validRange

Description

CapacityRequestPolicyRange defines a valid range for consumable capacity values.

If the requested amount is less than Min, it is rounded up to the Min value.
If Step is set and the requested amount is between Min and Max but not aligned with Step, it will be rounded up to the next value equal to Min + (n * Step).
If Step is not set, the requested amount is used as-is if it falls within the range Min to Max (if set).
If the requested or rounded amount exceeds Max (if set), the request does not satisfy the policy, and the device cannot be allocated.

Type

object

Required

min

Property Type Description

max

Max defines the upper limit for capacity that can be requested.

Max must be less than or equal to the capacity value. Min and requestPolicy.default must be less than or equal to the maximum.

min

Min specifies the minimum capacity allowed for a consumption request.

Min must be greater than or equal to zero, and less than or equal to the capacity value. requestPolicy.default must be more than or equal to the minimum.

step