IO-K8s

 view release on metacpan or  search on metacpan

.claude/skills/kubernetes/SKILL.md  view on Meta::CPAN

Namespace (scope boundary)
├── Deployment (declarative updates)
│   └── ReplicaSet (maintains N replicas)
│       └── Pod (smallest schedulable unit)
│           ├── Container(s) + Init Containers + Sidecar Containers
│           ├── Volumes (mounted storage)
│           └── ServiceAccount (identity)
├── StatefulSet → Pods with stable identity + PVCs
├── DaemonSet → one Pod per Node
├── Job / CronJob → run-to-completion Pods
├── Service (stable endpoint for Pods)
│   ├── ClusterIP (internal only, default)
│   ├── NodePort (exposes on each Node)
│   ├── LoadBalancer (external, cloud or LB-IPAM)
│   └── Headless (no ClusterIP, DNS returns Pod IPs)
├── ConfigMap / Secret → config injection (env or volume)
├── PersistentVolumeClaim → requests storage
├── NetworkPolicy → Pod-level firewall rules
├── Role + RoleBinding → namespaced RBAC
└── ServiceAccount → Pod identity for RBAC
ClusterRole + ClusterRoleBinding → cluster-wide RBAC

.claude/skills/kubernetes/SKILL.md  view on Meta::CPAN

readinessProbe:   # Remove from Service if failing (no traffic)
  httpGet: { path: /ready, port: 8080 }
startupProbe:     # Protect slow-starting containers
  httpGet: { path: /healthz, port: 8080 }
  failureThreshold: 30
  periodSeconds: 10
```

### Graceful Shutdown

1. Pod marked for deletion → removed from Service endpoints
2. `preStop` hook runs (e.g., `sleep 5` to drain connections)
3. `SIGTERM` sent to PID 1
4. `terminationGracePeriodSeconds` countdown (default 30s)
5. `SIGKILL` if still running

### Init Containers

Run sequentially before app containers start. Use for: waiting on dependencies, database migrations, config generation, permission setup.

### Sidecar Containers (v1.29+)

README.md  view on Meta::CPAN

```

### Cilium (21 CRDs)

`IO::K8s::Cilium` covers `cilium.io/v2` and `cilium.io/v2alpha1` (upstream v1.19.2):

```perl
my $k8s = IO::K8s->new(with => ['IO::K8s::Cilium']);
my $cnp = $k8s->new_object('CiliumNetworkPolicy',
    metadata => { name => 'allow-dns', namespace => 'kube-system' },
    spec => { endpointSelector => {} },
);
```

### Traefik (10 CRDs)

`IO::K8s::Traefik` covers `traefik.io/v1alpha1`:

```perl
my $k8s = IO::K8s->new(with => ['IO::K8s::Traefik']);
my $ir = $k8s->new_object('IngressRoute',

README.md  view on Meta::CPAN

```

### pk8s DSL

In `.pk8s` manifest files, Cilium kinds work directly:

```perl
CiliumNetworkPolicy {
    name => 'allow-dns',
    namespace => 'kube-system',
    spec => { endpointSelector => {} },
};

CiliumNode {
    name => 'worker-1',
    spec => { addresses => [{ type => 'InternalIP', ip => '10.0.0.1' }] },
};
```

## Custom Resource Definitions (CRDs)

lib/IO/K8s.pm  view on Meta::CPAN

=head1 CILIUM CRD SUPPORT

IO::K8s includes L<IO::K8s::Cilium> with 23 Cilium CRD classes covering
C<cilium.io/v2> (12 CRDs) and C<cilium.io/v2alpha1> (11 CRDs). These are
not loaded by default -- opt in at construction:

  my $k8s = IO::K8s->new(with => ['IO::K8s::Cilium']);

  my $cnp = $k8s->new_object('CiliumNetworkPolicy',
      metadata => { name => 'allow-dns', namespace => 'kube-system' },
      spec => { endpointSelector => { matchLabels => { app => 'dns' } } },
  );

  print $cnp->to_yaml;

All Cilium kinds are C<Cilium>-prefixed, so there are no collisions with
core Kubernetes kind names.

=head1 EXTERNAL RESOURCE MAPS

IO::K8s supports merging resource maps from external packages (like

lib/IO/K8s/Api/Admissionregistration/V1/MutatingWebhook.pm  view on Meta::CPAN

=head2 admissionReviewVersions

AdmissionReviewVersions is an ordered list of preferred `AdmissionReview` versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, va...

=head2 clientConfig

ClientConfig defines how to communicate with the hook. Required

=head2 failurePolicy

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.

=head2 matchConditions

MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions m...

The exact matching logic is (in order):
  1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.
  2. If ALL matchConditions evaluate to TRUE, the webhook is called.
  3. If any matchCondition evaluates to an error (but none are FALSE):
     - If failurePolicy=Fail, reject the request

lib/IO/K8s/Api/Admissionregistration/V1/ValidatingWebhook.pm  view on Meta::CPAN

=head2 admissionReviewVersions

AdmissionReviewVersions is an ordered list of preferred `AdmissionReview` versions the Webhook expects. API server will try to use first version in the list which it supports. If none of the versions specified in this list supported by API server, va...

=head2 clientConfig

ClientConfig defines how to communicate with the hook. Required

=head2 failurePolicy

FailurePolicy defines how unrecognized errors from the admission endpoint are handled - allowed values are Ignore or Fail. Defaults to Fail.

=head2 matchConditions

MatchConditions is a list of conditions that must be met for a request to be sent to this webhook. Match conditions filter requests that have already been matched by the rules, namespaceSelector, and objectSelector. An empty list of matchConditions m...

The exact matching logic is (in order):
  1. If ANY matchCondition evaluates to FALSE, the webhook is skipped.
  2. If ALL matchConditions evaluate to TRUE, the webhook is called.
  3. If any matchCondition evaluates to an error (but none are FALSE):
     - If failurePolicy=Fail, reject the request

lib/IO/K8s/Api/Authentication/V1/TokenRequestSpec.pm  view on Meta::CPAN

=head1 VERSION

version 1.100

=head2 audiences

Audiences are the intendend audiences of the token. A recipient of a token must identify themself with an identifier in the list of audiences of the token, and otherwise should reject the token. A token issued for multiple audiences may be used to au...

=head2 boundObjectRef

BoundObjectRef is a reference to an object that the token will be bound to. The token will only be valid for as long as the bound object exists. NOTE: The API server's TokenReview endpoint will validate the BoundObjectRef, but other audiences may not...

=head2 expirationSeconds

ExpirationSeconds is the requested duration of validity of the request. The token issuer may return a token with a different validity duration so a client needs to check the 'expiration' field in a response.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at

lib/IO/K8s/Api/Authorization/V1/FieldSelectorAttributes.pm  view on Meta::CPAN

package IO::K8s::Api::Authorization::V1::FieldSelectorAttributes;
# ABSTRACT: FieldSelectorAttributes indicates a field limited access. Webhook authors are encouraged to * ensure rawSelector and requirements are not both set * consider the requirements field if set * not try to parse or consider the rawSelector fie...
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s rawSelector => Str;


k8s requirements => ['Meta::V1::FieldSelectorRequirement'];


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Authorization::V1::FieldSelectorAttributes - FieldSelectorAttributes indicates a field limited access. Webhook authors are encouraged to * ensure rawSelector and requirements are not both set * consider the requirements field if set * n...

=head1 VERSION

version 1.100

=head2 rawSelector

rawSelector is the serialization of a field selector that would be included in a query parameter. Webhook implementations are encouraged to ignore rawSelector. The kube-apiserver's *SubjectAccessReview will parse the rawSelector as long as the requir...

=head2 requirements

lib/IO/K8s/Api/Authorization/V1/LabelSelectorAttributes.pm  view on Meta::CPAN

package IO::K8s::Api::Authorization::V1::LabelSelectorAttributes;
# ABSTRACT: LabelSelectorAttributes indicates a label limited access. Webhook authors are encouraged to * ensure rawSelector and requirements are not both set * consider the requirements field if set * not try to parse or consider the rawSelector fie...
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s rawSelector => Str;


k8s requirements => ['Meta::V1::LabelSelectorRequirement'];


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Authorization::V1::LabelSelectorAttributes - LabelSelectorAttributes indicates a label limited access. Webhook authors are encouraged to * ensure rawSelector and requirements are not both set * consider the requirements field if set * n...

=head1 VERSION

version 1.100

=head2 rawSelector

rawSelector is the serialization of a field selector that would be included in a query parameter. Webhook implementations are encouraged to ignore rawSelector. The kube-apiserver's *SubjectAccessReview will parse the rawSelector as long as the requir...

=head2 requirements

lib/IO/K8s/Api/Certificates/V1/CertificateSigningRequest.pm  view on Meta::CPAN

=head1 VERSION

version 1.100

=head1 DESCRIPTION

CertificateSigningRequest objects provide a mechanism to obtain x509 certificates by submitting a certificate signing request, and having it asynchronously approved and issued.

Kubelets use this API to obtain:
 1. client certificates to authenticate to kube-apiserver (with the "kubernetes.io/kube-apiserver-client-kubelet" signerName).
 2. serving certificates for TLS endpoints kube-apiserver can connect to securely (with the "kubernetes.io/kubelet-serving" signerName).

This API can be used to request client certificates to authenticate to kube-apiserver (with the "kubernetes.io/kube-apiserver-client" signerName), or to obtain certificates from custom non-Kubernetes signers.

This is a Kubernetes API object. See L<IO::K8s::Role::APIObject> for
C<metadata>, C<api_version()>, and C<kind()>.

=head2 spec

spec contains the certificate request, and is immutable after creation. Only the request, signerName, expirationSeconds, and usages fields can be set on creation. Other fields are derived by Kubernetes and cannot be modified by users.

lib/IO/K8s/Api/Certificates/V1/CertificateSigningRequestSpec.pm  view on Meta::CPAN

signerName indicates the requested signer, and is a qualified name.

List/watch requests for CertificateSigningRequests can filter on this field using a "spec.signerName=NAME" fieldSelector.

Well-known Kubernetes signers are:
 1. "kubernetes.io/kube-apiserver-client": issues client certificates that can be used to authenticate to kube-apiserver.
  Requests for this signer are never auto-approved by kube-controller-manager, can be issued by the "csrsigning" controller in kube-controller-manager.
 2. "kubernetes.io/kube-apiserver-client-kubelet": issues client certificates that kubelets use to authenticate to kube-apiserver.
  Requests for this signer can be auto-approved by the "csrapproving" controller in kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager.
 3. "kubernetes.io/kubelet-serving" issues serving certificates that kubelets use to serve TLS endpoints, which kube-apiserver can connect to securely.
  Requests for this signer are never auto-approved by kube-controller-manager, and can be issued by the "csrsigning" controller in kube-controller-manager.

More details are available at https://k8s.io/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers

Custom signerNames can also be specified. The signer defines:
 1. Trust distribution: how trust (CA bundles) are distributed.
 2. Permitted subjects: and behavior when a disallowed subject is requested.
 3. Required, permitted, or forbidden x509 extensions in the request (including whether subjectAltNames are allowed, which types, restrictions on allowed values) and behavior when a disallowed extension is requested.
 4. Required, permitted, or forbidden key usages / extended key usages.
 5. Expiration/certificate lifetime: whether it is fixed by the signer, configurable by the admin.

lib/IO/K8s/Api/Core/V1/Container.pm  view on Meta::CPAN

=head2 name

Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated.

=head2 ports

List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Modifying this ...

=head2 readinessProbe

Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes

=head2 resizePolicy

Resources resize policy for the container.

=head2 resources

Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/

=head2 restartPolicy

lib/IO/K8s/Api/Core/V1/DaemonEndpoint.pm  view on Meta::CPAN

package IO::K8s::Api::Core::V1::DaemonEndpoint;
# ABSTRACT: DaemonEndpoint contains information about a single Daemon endpoint.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s Port => Int, 'required';


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Core::V1::DaemonEndpoint - DaemonEndpoint contains information about a single Daemon endpoint.

=head1 VERSION

version 1.100

=head2 Port

Port number of the given endpoint.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Core/V1/EndpointAddress.pm  view on Meta::CPAN

=head1 NAME

IO::K8s::Api::Core::V1::EndpointAddress - EndpointAddress is a tuple that describes single IP address.

=head1 VERSION

version 1.100

=head2 hostname

The Hostname of this endpoint

=head2 ip

The IP of this endpoint. May not be loopback (127.0.0.0/8 or ::1), link-local (169.254.0.0/16 or fe80::/10), or link-local multicast (224.0.0.0/24 or ff02::/16).

=head2 nodeName

Optional: Node hosting this endpoint. This can be used to determine endpoints local to a node.

=head2 targetRef

Reference to object providing the endpoint.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Core/V1/EndpointPort.pm  view on Meta::CPAN

  * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455

* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.

=head2 name

The name of this port.  This must match the 'name' field in the corresponding ServicePort. Must be a DNS_LABEL. Optional only if one port is defined.

=head2 port

The port number of the endpoint.

=head2 protocol

The IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at

lib/IO/K8s/Api/Core/V1/EndpointSubset.pm  view on Meta::CPAN

package IO::K8s::Api::Core::V1::EndpointSubset;
# ABSTRACT: EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s addresses => ['Core::V1::EndpointAddress'];


k8s notReadyAddresses => ['Core::V1::EndpointAddress'];


k8s ports => ['Core::V1::EndpointPort'];

lib/IO/K8s/Api/Core/V1/EndpointSubset.pm  view on Meta::CPAN

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Core::V1::EndpointSubset - EndpointSubset is a group of addresses with a common set of ports. The expanded set of endpoints is the Cartesian product of Addresses x Ports.

=head1 VERSION

version 1.100

=head2 addresses

IP addresses which offer the related ports that are marked as ready. These endpoints should be considered safe for load balancers and clients to utilize.

=head2 notReadyAddresses

IP addresses which offer the related ports but are not currently marked as ready because they have not yet finished starting, have recently failed a readiness check, or have recently failed a liveness check.

=head2 ports

Port numbers available on the related IP addresses.

=head1 SUPPORT

lib/IO/K8s/Api/Core/V1/Endpoints.pm  view on Meta::CPAN

package IO::K8s::Api::Core::V1::Endpoints;
# ABSTRACT: Endpoints is a collection of endpoints that implement the actual service.
our $VERSION = '1.100';
use IO::K8s::APIObject;
with 'IO::K8s::Role::Namespaced';


k8s subsets => ['Core::V1::EndpointSubset'];

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Core::V1::Endpoints - Endpoints is a collection of endpoints that implement the actual service.

=head1 VERSION

version 1.100

=head1 DESCRIPTION

Endpoints is a collection of endpoints that implement the actual service. Example:

	 Name: "mysvc",
	 Subsets: [
	   {
	     Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}],
	     Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}]
	   },
	   {
	     Addresses: [{"ip": "10.10.3.3"}],
	     Ports: [{"name": "a", "port": 93}, {"name": "b", "port": 76}]
	   },
	]

This is a Kubernetes API object. See L<IO::K8s::Role::APIObject> for
C<metadata>, C<api_version()>, and C<kind()>.

=head2 subsets

The set of all endpoints is the union of all subsets. Addresses are placed into subsets according to the IPs they share. A single address with multiple ports, some of which are ready and some of which are not (because they come from different contain...

=head1 SEE ALSO

L<https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#endpoints-v1-core>

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Core/V1/GlusterfsPersistentVolumeSource.pm  view on Meta::CPAN

package IO::K8s::Api::Core::V1::GlusterfsPersistentVolumeSource;
# ABSTRACT: Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s endpoints => Str, 'required';


k8s endpointsNamespace => Str;


k8s path => Str, 'required';


k8s readOnly => Bool;


1;

lib/IO/K8s/Api/Core/V1/GlusterfsPersistentVolumeSource.pm  view on Meta::CPAN

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Core::V1::GlusterfsPersistentVolumeSource - Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

=head1 VERSION

version 1.100

=head2 endpoints

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head2 endpointsNamespace

endpointsNamespace is the namespace that contains Glusterfs endpoint. If this field is empty, the EndpointNamespace defaults to the same namespace as the bound PVC. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head2 path

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head2 readOnly

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head1 SUPPORT

lib/IO/K8s/Api/Core/V1/GlusterfsVolumeSource.pm  view on Meta::CPAN

package IO::K8s::Api::Core::V1::GlusterfsVolumeSource;
# ABSTRACT: Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s endpoints => Str, 'required';


k8s path => Str, 'required';


k8s readOnly => Bool;


1;

lib/IO/K8s/Api/Core/V1/GlusterfsVolumeSource.pm  view on Meta::CPAN

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Core::V1::GlusterfsVolumeSource - Represents a Glusterfs mount that lasts the lifetime of a pod. Glusterfs volumes do not support ownership management or SELinux relabeling.

=head1 VERSION

version 1.100

=head2 endpoints

endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head2 path

path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head2 readOnly

readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod

=head1 SUPPORT

lib/IO/K8s/Api/Core/V1/ServicePort.pm  view on Meta::CPAN

* Kubernetes-defined prefixed names:
  * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-
  * 'kubernetes.io/ws'  - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455
  * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455

* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.

=head2 name

The name of this port within the service. This must be a DNS_LABEL. All ports within a ServiceSpec must have unique names. When considering the endpoints for a Service, this must match the 'name' field in the EndpointPort. Optional if only one Servic...

=head2 nodePort

The port on each node on which this service is exposed when type is NodePort or LoadBalancer.  Usually assigned by the system. If a value is specified, in-range, and not in use it will be used, otherwise the operation will fail.  If not specified, a ...

=head2 port

The port that will be exposed by this service.

=head2 protocol

lib/IO/K8s/Api/Core/V1/ServiceSpec.pm  view on Meta::CPAN

=head1 VERSION

version 1.100

=head2 allocateLoadBalancerNodePorts

allocateLoadBalancerNodePorts defines if NodePorts will be automatically allocated for services with type LoadBalancer.  Default is "true". It may be set to "false" if the cluster load-balancer does not rely on NodePorts.  If the caller requests spec...

=head2 clusterIP

clusterIP is the IP address of the service and is usually assigned randomly. If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creation of the service wil...

=head2 clusterIPs

ClusterIPs is a list of IP addresses assigned to this service, and are usually assigned randomly.  If an address is specified manually, is in-range (as per system configuration), and is not in use, it will be allocated to the service; otherwise creat...

This field may hold a maximum of two entries (dual-stack IPs, in either order). These IPs must correspond to the values of the ipFamilies field. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field. More info: https://kubernetes.io...

=head2 externalIPs

externalIPs is a list of IP addresses for which nodes in the cluster will also accept traffic for this service.  These IPs are not managed by Kubernetes.  The user is responsible for ensuring that traffic arrives at a node with this IP.  A common exa...

=head2 externalName

externalName is the external reference that discovery mechanisms will return as an alias for this service (e.g. a DNS CNAME record). No proxying will be involved.  Must be a lowercase RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) and requir...

=head2 externalTrafficPolicy

externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way t...

=head2 healthCheckNodePort

healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used.  If not sp...

=head2 internalTrafficPolicy

InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if ...

=head2 ipFamilies

IPFamilies is a list of IP families (e.g. IPv4, IPv6) assigned to this service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. If this field is specified manually, the requested family is ava...

This field may hold a maximum of two entries (dual-stack families, in either order).  These families must correspond to the values of the clusterIPs field, if specified. Both clusterIPs and ipFamilies are governed by the ipFamilyPolicy field.

=head2 ipFamilyPolicy

IPFamilyPolicy represents the dual-stack-ness requested or required by this Service. If there is no value provided, then this field will be set to SingleStack. Services can be "SingleStack" (a single IP family), "PreferDualStack" (two IP families on ...

lib/IO/K8s/Api/Core/V1/ServiceSpec.pm  view on Meta::CPAN

=head2 loadBalancerSourceRanges

If specified and supported by the platform, this will restrict traffic through the cloud-provider load-balancer will be restricted to the specified client IPs. This field will be ignored if the cloud-provider does not support the feature." More info:...

=head2 ports

The list of ports that are exposed by this service. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies

=head2 publishNotReadyAddresses

publishNotReadyAddresses indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready. The primary use case for setting this field is for a StatefulSet's Headless Service to propagate SRV DN...

=head2 selector

Route service traffic to pods with label keys and values matching this selector. If empty or not present, the service is assumed to have an external process managing its endpoints, which Kubernetes will not modify. Only applies to types ClusterIP, No...

=head2 sessionAffinity

Supports "ClientIP" and "None". Used to maintain session affinity. Enable client IP based session affinity. Must be ClientIP or None. Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-servic...

=head2 sessionAffinityConfig

sessionAffinityConfig contains the configurations of session affinity.

=head2 trafficDistribution

TrafficDistribution offers a way to express preferences for how traffic is distributed to Service endpoints. Implementations can use this field as a hint, but are not required to guarantee strict adherence. If the field is not set, the implementation...

=head2 type

type determines how the Service is exposed. Defaults to ClusterIP. Valid options are ExternalName, ClusterIP, NodePort, and LoadBalancer. "ClusterIP" allocates a cluster-internal IP address for load-balancing to endpoints. Endpoints are determined by...

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Discovery/V1/Endpoint.pm  view on Meta::CPAN

=head1 NAME

IO::K8s::Api::Discovery::V1::Endpoint - Endpoint represents a single logical "backend" implementing a service.

=head1 VERSION

version 1.100

=head2 addresses

addresses of this endpoint. The contents of this field are interpreted according to the corresponding EndpointSlice addressType field. Consumers must handle different types of addresses in the context of their own capabilities. This must contain at l...

=head2 conditions

conditions contains information about the current status of the endpoint.

=head2 deprecatedTopology

deprecatedTopology contains topology information part of the v1beta1 API. This field is deprecated, and will be removed when the v1beta1 API is removed (no sooner than kubernetes v1.24).  While this field can hold values, it is not writable through t...

=head2 hints

hints contains information associated with how an endpoint should be consumed.

=head2 hostname

hostname of this endpoint. This field may be used by consumers of endpoints to distinguish endpoints from each other (e.g. in DNS names). Multiple endpoints which use the same hostname should be considered fungible (e.g. multiple A values in DNS). Mu...

=head2 nodeName

nodeName represents the name of the Node hosting this endpoint. This can be used to determine endpoints local to a Node.

=head2 targetRef

targetRef is a reference to a Kubernetes object that represents this endpoint.

=head2 zone

zone is the name of the Zone this endpoint exists in.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Discovery/V1/EndpointConditions.pm  view on Meta::CPAN

package IO::K8s::Api::Discovery::V1::EndpointConditions;
# ABSTRACT: EndpointConditions represents the current condition of an endpoint.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s ready => Bool;


k8s serving => Bool;


k8s terminating => Bool;

lib/IO/K8s/Api/Discovery/V1/EndpointConditions.pm  view on Meta::CPAN

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Discovery::V1::EndpointConditions - EndpointConditions represents the current condition of an endpoint.

=head1 VERSION

version 1.100

=head2 ready

ready indicates that this endpoint is prepared to receive traffic, according to whatever system is managing the endpoint. A nil value indicates an unknown state. In most cases consumers should interpret this unknown state as ready. For compatibility ...

=head2 serving

serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition.

=head2 terminating

terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Discovery/V1/EndpointHints.pm  view on Meta::CPAN

package IO::K8s::Api::Discovery::V1::EndpointHints;
# ABSTRACT: EndpointHints provides hints describing how an endpoint should be consumed.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s forZones => ['Discovery::V1::ForZone'];


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Discovery::V1::EndpointHints - EndpointHints provides hints describing how an endpoint should be consumed.

=head1 VERSION

version 1.100

=head2 forZones

forZones indicates the zone(s) this endpoint should be consumed by to enable topology aware routing.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Discovery/V1/EndpointPort.pm  view on Meta::CPAN

  * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455

* Other protocols should use implementation-defined prefixed names such as mycompany.com/my-custom-protocol.

=head2 name

name represents the name of this port. All ports in an EndpointSlice must have a unique name. If the EndpointSlice is derived from a Kubernetes service, this corresponds to the Service.ports[].name. Name must either be an empty string or pass DNS_LAB...

=head2 port

port represents the port number of the endpoint. If this is not specified, ports are not restricted and must be interpreted in the context of the specific consumer.

=head2 protocol

protocol represents the IP protocol for this port. Must be UDP, TCP, or SCTP. Default is TCP.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at

lib/IO/K8s/Api/Discovery/V1/EndpointSlice.pm  view on Meta::CPAN

package IO::K8s::Api::Discovery::V1::EndpointSlice;
# ABSTRACT: EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.
our $VERSION = '1.100';
use IO::K8s::APIObject;
with 'IO::K8s::Role::Namespaced';


k8s addressType => Str, 'required';


k8s endpoints => ['Discovery::V1::Endpoint'], 'required';


k8s ports => ['Discovery::V1::EndpointPort'];

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Discovery::V1::EndpointSlice - EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full se...

=head1 VERSION

version 1.100

=head1 DESCRIPTION

EndpointSlice represents a subset of the endpoints that implement a service. For a given service there may be multiple EndpointSlice objects, selected by labels, which must be joined to produce the full set of endpoints.

This is a Kubernetes API object. See L<IO::K8s::Role::APIObject> for
C<metadata>, C<api_version()>, and C<kind()>.

=head2 addressType

addressType specifies the type of address carried by this EndpointSlice. All addresses in this slice must be the same type. This field is immutable after creation. The following address types are currently supported: * IPv4: Represents an IPv4 Addres...

=head2 endpoints

endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of 1000 endpoints.

=head2 ports

ports specifies the list of network ports exposed by each endpoint in this slice. Each port must have a unique name. When ports is empty, it indicates that there are no defined ports. When a port is defined with a nil port value, it indicates "all po...

=head1 SEE ALSO

L<https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.31/#endpointslice-v1-discovery.k8s.io>

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC

lib/IO/K8s/Api/Discovery/V1/ForZone.pm  view on Meta::CPAN

package IO::K8s::Api::Discovery::V1::ForZone;
# ABSTRACT: ForZone provides information about which zones should consume this endpoint.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s name => Str, 'required';


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Discovery::V1::ForZone - ForZone provides information about which zones should consume this endpoint.

=head1 VERSION

version 1.100

=head2 name

name represents the name of the zone.

=head1 SUPPORT

lib/IO/K8s/Api/Networking/V1/HTTPIngressPath.pm  view on Meta::CPAN

=head1 NAME

IO::K8s::Api::Networking::V1::HTTPIngressPath - HTTPIngressPath associates a path with a backend. Incoming urls matching the path are forwarded to the backend.

=head1 VERSION

version 1.100

=head2 backend

backend defines the referenced service endpoint to which the traffic will be forwarded to.

=head2 path

path is matched against the path of an incoming request. Currently it can contain characters disallowed from the conventional "path" part of a URL as defined by RFC 3986. Paths must begin with a '/' and must be present when using PathType with value ...

=head2 pathType

pathType determines the interpretation of the path matching. PathType can be one of the following values: * Exact: Matches the URL path exactly. * Prefix: Matches based on a URL path prefix split by '/'. Matching is done on a path element by element ...

=head1 SUPPORT

lib/IO/K8s/Api/Networking/V1/Ingress.pm  view on Meta::CPAN

package IO::K8s::Api::Networking::V1::Ingress;
# ABSTRACT: Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based vi...
our $VERSION = '1.100';
use IO::K8s::APIObject;
with 'IO::K8s::Role::Namespaced', 'IO::K8s::Role::Routable';
sub _route_format { 'ingress' }


k8s spec => 'Networking::V1::IngressSpec';


k8s status => 'Networking::V1::IngressStatus';

lib/IO/K8s/Api/Networking/V1/Ingress.pm  view on Meta::CPAN

1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Networking::V1::Ingress - Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, termin...

=head1 VERSION

version 1.100

=head1 DESCRIPTION

Ingress is a collection of rules that allow inbound connections to reach the endpoints defined by a backend. An Ingress can be configured to give services externally-reachable urls, load balance traffic, terminate SSL, offer name based virtual hostin...

This is a Kubernetes API object. See L<IO::K8s::Role::APIObject> for
C<metadata>, C<api_version()>, and C<kind()>.

=head2 spec

spec is the desired state of the Ingress. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status

=head2 status

lib/IO/K8s/Api/Networking/V1/IngressBackend.pm  view on Meta::CPAN

package IO::K8s::Api::Networking::V1::IngressBackend;
# ABSTRACT: IngressBackend describes all endpoints for a given service and port.
our $VERSION = '1.100';
use IO::K8s::Resource;

k8s resource => 'Core::V1::TypedLocalObjectReference';


k8s service => 'Networking::V1::IngressServiceBackend';


1;

__END__

=pod

=encoding UTF-8

=head1 NAME

IO::K8s::Api::Networking::V1::IngressBackend - IngressBackend describes all endpoints for a given service and port.

=head1 VERSION

version 1.100

=head2 resource

resource is an ObjectRef to another Kubernetes resource in the namespace of the Ingress object. If resource is specified, a service.Name and service.Port must not be specified. This is a mutually exclusive setting with "Service".

=head2 service

lib/IO/K8s/Api/Storagemigration/V1alpha1/StorageVersionMigrationSpec.pm  view on Meta::CPAN

=head1 VERSION

version 1.100

=head2 continueToken

The token used in the list options to get the next chunk of objects to migrate. When the .status.conditions indicates the migration is "Running", users can use this token to check the progress of the migration.

=head2 resource

The resource that is being migrated. The migrator sends requests to the endpoint serving the resource. Immutable.

=head1 SUPPORT

=head2 Issues

Please report bugs and feature requests on GitHub at
L<https://github.com/pplu/io-k8s-p5/issues>.

=head2 IRC