diff --git a/docs/ucs/openapi/UCS_openapi3.yaml b/docs/ucs/openapi/UCS_openapi3.yaml new file mode 100644 index 000000000..80a8018b9 --- /dev/null +++ b/docs/ucs/openapi/UCS_openapi3.yaml @@ -0,0 +1,8675 @@ +openapi: 3.0.0 +info: + version: v1 + title: UCS +tags: + - name: UCS Cluster + description: Cluster-related APIs + - name: Fleet + description: Fleet-related APIs + - name: Add-on Management + - name: Policy Management + - name: Traffic Management + - name: Quota Management +paths: + /v1/clusters: + get: + tags: + - UCS Cluster + summary: Querying the Cluster List + description: This API is used to query the cluster list. + operationId: ShowClusterList + parameters: + - name: category + in: query + description: Cluster category + required: false + schema: + type: string + - name: enablestatus + in: query + description: Whether to obtain the resource information of a cluster. If this + parameter is left blank or set to **true**, the cluster resource + summary is returned. If this parameter is set to **false**, the + cluster status information is not returned. The default value is + **true**. + required: false + schema: + type: boolean + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: clustergroupid + in: query + description: Fleet ID. If this parameter is not specified, all clusters are + returned. If this parameter is specified, clusters that belong to + the fleet are returned. + required: false + schema: + type: string + - name: limit + in: query + description: The number of records allowed on each page when the list is queried + by page. The default value is **-1**. + required: false + schema: + type: integer + format: int32 + - name: offset + in: query + description: Start offset when the list is queried by page. The default value is + **0**. + required: false + schema: + type: integer + format: int32 + - name: order_by + in: query + description: Sorting parameter when the list is queried by page. The value can + be **create_at** or **update_at**. + required: false + schema: + type: string + - name: order + in: query + description: Sorting order when the list is queried by page. The value can be + **desc** or **asc**. + required: false + schema: + type: string + - name: managetype + in: query + description: >- + Cluster type for listing the clusters. The value can be **all**, + **grouped**, or **discrete**. If this parameter is not specified, + the default value is **all**. + + + - **grouped**: clusters added to a fleet + + - **discrete**: clusters not in any fleet + + - **all**: all clusters + required: false + schema: + type: string + - name: clusterids + in: query + description: Cluster ID. If there are multiple IDs, separate them using commas + (,). + required: false + schema: + type: string + responses: + "200": + description: All clusters are queried. + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterList" + examples: + response: + value: + items: + - kind: Cluster + apiVersion: v1 + metadata: + name: test-cluster + uid: b0d1ecb5-7947-11ee-9467-0255ac1001bf + creationTimestamp: 2023-11-02T06:36:14Z + labels: + FeatureGates: elbv3,SupportClientCertificateRevocation,xGPU + spec: + syncMode: "" + clusterGroupID: bffbb35b-7949-11ee-886c-0255ac100037 + manageType: grouped + provider: huaweicloud + type: cce + category: self + region: cn-north-4 + country: CN + city: "150900" + projectID: b6315dd3d0ff4be5b31a963256794989 + projectName: cn-north-4 + IsDownloadedCert: false + operatorNamespace: 2cd7ebd02e4743eba4e6342c09e49344 + connectProxyEndpoints: + - type: VPCEP + name: cn-north-4.5fc05258-f125-48f5-8a0a-a724a37f5ff1 + id: 5fc05258-f125-48f5-8a0a-a724a37f5ff1 + region: cn-north-4 + status: + kubernetesVersion: v1.25 + conditions: + - type: Ready + status: "True" + lastTransitionTime: 2023-11-27T11:05:09+08:00 + reason: ClusterAvailable + - type: Cluster + status: Available + lastTransitionTime: 2023-11-27T11:05:09+08:00 + reason: ClusterAvailable + - type: Federation + status: Federalized + lastTransitionTime: 2023-11-14T14:31:58.744215+08:00 + endpoints: + - url: https://192.168.1.251:5443 + type: Internal + phase: Available + arrearFreeze: "false" + policeFreeze: "false" + total: 1 + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 1 + x-order: 0 + post: + tags: + - UCS Cluster + summary: Registering a Cluster + description: This API is used to register a cluster. Attached clusters and CCE + clusters can be registered. + operationId: RegisterCluster + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/RegisterCluster" + description: Register cluster information, such as kubeconfig + required: true + responses: + "201": + description: The cluster has been registered (the ID of the registered cluster + is returned). + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterResponse" + examples: + response: + value: + uid: b0d1ecb5-7947-11ee-9467-0255ac1001bf + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "409": + description: There was a request conflict. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-request-examples-description-1: Registering a Huawei Cloud CCE cluster + x-request-examples-text-1: + kind: Cluster + apiVersion: v1 + metadata: + name: cce-cluster + uid: 44052cdd-8cd2-11ee-abd1-0255ac1001bd + spec: + region: cn-north-4 + category: self + type: turbo + projectID: 05495693df80d3c92fa1c01795c2be02 + clusterGroupID: "" + manageType: discrete + city: "110000" + country: CN + provider: + CCE: cce + x-request-examples-text-2: + kind: Cluster + apiVersion: v1 + metadata: + name: ack-cluster + annotations: + kubeconfig: '{"kind":"Config","apiVersion":"v1","preferences":{},"clusters":[{"name":"internalCluster","cluster":{"server":"https://kubernetes.default.svc.cluster.local:443","insecure-skip-tls-verify":true}}],"users":[{"name":"ucs-user","user":{"token":"token-string"}}],"contexts":[{"name":"internal","context":{"cluster":"internalCluster","user":"ucs-user"}}],"current-context":"internal"}' + labels: {} + spec: + category: attachedcluster + clusterGroupID: "" + manageType: discrete + city: "110000" + country: CN + provider: + ALI: aliyun + TENCENT: tencentcloud + AWS: aws + GOOGLE: googlecloud + AZURE: azure + OPENSHIFT: openshift + HUAWEISTACK: huaweicloudstack + HUAWEI: huaweicloud + PRIVATEK8S: privatek8s + OTHER: other + FLEXIBLEENGINE: FlexibleEngine + FLEXIBLEENGINESTACK: FlexibleEngineStack + OPENTELEKOMCLOUD: OpenTelekomCloud + OPENTELEKOMCLOUDSTACK: OpenTelekomCloudStack + TIANYI: ctcloud + MOBILE: cmcloud + type: ack + x-api-type: open-api + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters + x-request-examples-1: + kind: Cluster + apiVersion: v1 + metadata: + name: cce-cluster + uid: 44052cdd-8cd2-11ee-abd1-0255ac1001bd + spec: + region: cn-north-4 + category: self + type: turbo + projectID: 05495693df80d3c92fa1c01795c2be02 + clusterGroupID: "" + manageType: discrete + city: "110000" + country: CN + provider: + CCE: cce + x-request-examples-description-2: Registering an attached cluster + x-request-examples-url-2: POST https://ucs.myhuaweicloud.com/v1/clusters + x-request-examples-2: + kind: Cluster + apiVersion: v1 + metadata: + name: ack-cluster + annotations: + kubeconfig: '{"kind":"Config","apiVersion":"v1","preferences":{},"clusters":[{"name":"internalCluster","cluster":{"server":"https://kubernetes.default.svc.cluster.local:443","insecure-skip-tls-verify":true}}],"users":[{"name":"ucs-user","user":{"token":"token-string"}}],"contexts":[{"name":"internal","context":{"cluster":"internalCluster","user":"ucs-user"}}],"current-context":"internal"}' + labels: {} + spec: + category: attachedcluster + clusterGroupID: "" + manageType: discrete + city: "110000" + country: CN + provider: + ALI: aliyun + TENCENT: tencentcloud + AWS: aws + GOOGLE: googlecloud + AZURE: azure + OPENSHIFT: openshift + HUAWEISTACK: huaweicloudstack + HUAWEI: huaweicloud + PRIVATEK8S: privatek8s + OTHER: other + FLEXIBLEENGINE: FlexibleEngine + FLEXIBLEENGINESTACK: FlexibleEngineStack + OPENTELEKOMCLOUD: OpenTelekomCloud + OPENTELEKOMCLOUDSTACK: OpenTelekomCloudStack + TIANYI: ctcloud + MOBILE: cmcloud + type: ack + x-is-registered: Y + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 0 + x-order: 2 + "/v1/clusters/{clusterid}": + get: + tags: + - UCS Cluster + summary: Querying a Cluster + description: This API is used to query a cluster. The cluster ID must comply + with the Kubernetes UUID format rules, and you must have the required + permission on the corresponding cluster. Otherwise, the authentication + fails. + operationId: ShowCluster + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + responses: + "200": + description: Cluster information, such as its status and synchronization mode + between the cluster and Karmada control plane. + content: + application/json: + schema: + $ref: "#/components/schemas/Cluster" + examples: + response: + value: + kind: Cluster + apiVersion: v1 + metadata: + name: test-cluster + uid: b0d1ecb5-7947-11ee-9467-0255ac1001bf + creationTimestamp: 2023-11-02T06:36:14Z + labels: + FeatureGates: elbv3,SupportClientCertificateRevocation,xGPU + spec: + syncMode: "" + clusterGroupID: bffbb35b-7949-11ee-886c-0255ac100037 + manageType: grouped + provider: huaweicloud + type: cce + category: self + region: cn-north-4 + country: CN + city: "150900" + projectID: b6315dd3d0ff4be5b31a963256794989 + projectName: cn-north-4 + IsDownloadedCert: false + operatorNamespace: 2cd7ebd02e4743eba4e6342c09e49344 + connectProxyEndpoints: + - type: VPCEP + name: cn-north-4.5fc05258-f125-48f5-8a0a-a724a37f5ff1 + id: 5fc05258-f125-48f5-8a0a-a724a37f5ff1 + region: cn-north-4 + status: + kubernetesVersion: v1.25 + conditions: + - type: Ready + status: "True" + lastTransitionTime: 2023-11-27T11:05:09+08:00 + reason: ClusterAvailable + - type: Cluster + status: Available + lastTransitionTime: 2023-11-27T11:05:09+08:00 + reason: ClusterAvailable + - type: Federation + status: Federalized + lastTransitionTime: 2023-11-14T14:31:58.744215+08:00 + endpoints: + - url: https://192.168.1.251:5443 + type: Internal + phase: Available + arrearFreeze: "false" + policeFreeze: "false" + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 4 + x-order: 1 + put: + tags: + - UCS Cluster + summary: Updating a Cluster + description: This API is used to update a cluster. Currently, only the + country/city of attached clusters and on-premises clusters can be + updated. + operationId: UpdateCluster + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateClusterRequestBody" + description: Updating the cluster information + required: true + responses: + "200": + description: The cluster has been updated. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Updating a cluster + x-request-examples-url-1: PUT https://ucs.myhuaweicloud.com/v1/clusters/{clusterid} + x-request-examples-1: + kind: Cluster + apiVersion: v1 + metadata: + annotations: + kubeconfig: '{"kind":"Config","apiVersion":"v1","preferences":{},"clusters":[{"name":"internalCluster","cluster":{"server":"https://ip:5443","insecure-skip-tls-verify":true}}],"users":[{"name":"user","user":{"client-certificate-data":"","client-key-data":""}}],"contexts":[{"name":"internal","context":{"cluster":"internalCluster","user":"user"}}],"current-context":"internal"}' + spec: + country: AL + city: AL + x-request-examples-text-1: + kind: Cluster + apiVersion: v1 + metadata: + annotations: + kubeconfig: '{"kind":"Config","apiVersion":"v1","preferences":{},"clusters":[{"name":"internalCluster","cluster":{"server":"https://ip:5443","insecure-skip-tls-verify":true}}],"users":[{"name":"user","user":{"client-certificate-data":"","client-key-data":""}}],"contexts":[{"name":"internal","context":{"cluster":"internalCluster","user":"user"}}],"current-context":"internal"}' + spec: + country: AL + city: AL + x-apidesigner: 3 + x-order: 3 + delete: + tags: + - UCS Cluster + summary: Deregistering a Cluster + description: This API is used to deregister a cluster. The cluster ID must + comply with the Kubernetes UUID format rules, and you must have the + required permission on the corresponding cluster. Otherwise, the + authentication fails. + operationId: DeleteCluster + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + responses: + "200": + description: The cluster has been deregistered. + content: + application/json: + schema: + type: string + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 2 + x-order: 4 + "/v1/clusters/{clusterid}/accessinfo": + get: + tags: + - UCS Cluster + summary: Querying Cluster Access Information + description: This API is used to query the cluster access information. The + cluster ID must comply with the Kubernetes UUID format rules. You must + have permission to query the corresponding cluster. Otherwise, the + authentication fails. The agent certificate can be downloaded only once. + This API is only used to query the access information of attached + clusters. If a CCE cluster ID is transferred, 400 will be returned. + operationId: ShowClusterAccessInfo + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: vpcendpoint + in: query + description: >- + IP address of the VPC endpoint for accessing on-premises clusters. + This parameter is mandatory for clusters on the private network. + + + For details about how to create a VPC endpoint and query the IP address, see [Creating a VPC Endpoint](https://support.huaweicloud.com/intl/en-us/usermanual-ucs/ucs_01_0336.html#section2). + required: false + schema: + type: string + - name: region + in: query + description: Access region. This parameter is mandatory for clusters accessed + over a private network. + required: false + schema: + type: string + responses: + "200": + description: Cluster access information returned. + content: + application/json: + schema: + type: array + items: + type: object + properties: {} + examples: + response: + value: + - apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + app: proxy-agent + name: proxy-agent + namespace: kube-system + spec: + replicas: 2 + template: + metadata: + labels: + app: proxy-agent + spec: + tolerations: + - key: role + operator: Equal + value: manage + containers: + - command: + - /proxy-agent + args: + - --logtostderr=true + - --ca-cert=/var/certs/agent/ca.crt + - --agent-cert=/var/certs/agent/proxy-agent.crt + - --agent-key=/var/certs/agent/proxy-agent.key + - --proxy-server-host=proxyurl.ucs.myhuaweicloud.com + - --proxy-server-port=30123 + - --agent-id={uuid} + - --agent-identifiers=host={ip_addr} + image: "{image_addr}" + imagePullPolicy: IfNotPresent + name: proxy-agent + priorityClassName: system-cluster-critical + hostAliases: + - ip: "{ip_addr}" + hostnames: + - proxyurl.ucs.myhuaweicloud.com + - apiVersion: v1 + kind: Secret + metadata: + name: proxy-agent-cert + namespace: kube-system + type: Opaque + data: + ca.crt: "{ca crt}" + proxy-agent.crt: "{proxy-agent crt}" + proxy-agent.key: "{proxy-agent key}" + common_shared.key: "{common_shared key}" + root.key: "{root key}" + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "410": + description: The certificate has been downloaded. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 5 + x-order: 5 + "/v1/clusters/{clusterid}/activation": + put: + tags: + - UCS Cluster + summary: Activating a Cluster + description: This API is used to activate a cluster. The cluster ID must comply + with the Kubernetes UUID format rules, and you must have the required + permission on the corresponding cluster. Otherwise, the authentication + fails. + operationId: RetryClusterActivation + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + responses: + "200": + description: The cluster has been activated. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Activating a cluster + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/activation + x-apidesigner: 11 + x-order: 6 + /v1/clustergroups: + get: + tags: + - Fleet + summary: Obtaining the Fleet List + description: This API is used to list all fleets. + operationId: ListClusterGroup + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: limit + in: query + description: The number of records allowed on each page when the list is queried + by page. The default value is **-1**. + required: false + schema: + type: integer + format: int32 + - name: offset + in: query + description: Start offset when the list is queried by page. The default value is + **0**. + required: false + schema: + type: integer + format: int32 + - name: order_by + in: query + description: Sorting parameter when the list is queried by page. The value can + be **create_at** or **update_at**. + required: false + schema: + type: string + - name: order + in: query + description: Sorting order when the list is queried by page. The value can be + **desc** or **asc**. + required: false + schema: + type: string + responses: + "200": + description: The fleet list has been queried. + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterGroupList" + examples: + response: + value: + items: + - kind: ClusterGroup + apiVersion: v1 + metadata: + name: cluster-test + uid: bffbb35b-7949-11ee-886c-0255ac100037 + creationTimestamp: 2023-11-02 06:33:35.558128 +0000 UTC + updateTimestamp: 2023-11-14 06:20:20.446476 +0000 UTC + spec: + federationId: e2f27cc6-82b5-11ee-84e3-0255ac100032 + federationVersion: v1.7.0-t1109 + dnsSuffix: + - www.oidc.com + connectGatewayEndpoints: + - type: VPCEP + name: cn-north-4.5fc05258-f125-48f5-8a0a-a724a37f5ff1 + id: 5fc05258-f125-48f5-8a0a-a724a37f5ff1 + region: cn-north-4 + status: + conditions: + - type: Federation + status: Unavailable + reason: FederationUnavailable + message: component volcano-scheduler is unhealthy + lastTransitionTime: 0001-01-01T00:00:00Z + - kind: ClusterGroup + apiVersion: v1 + metadata: + name: cluster-dev + uid: 4557ad49-22bf-11ee-b0c9-0255ac10004b + creationTimestamp: 2023-07-15 03:25:39.253589 +0000 UTC + updateTimestamp: 2023-10-19 11:52:14.509405 +0000 UTC + spec: {} + status: {} + - kind: ClusterGroup + apiVersion: v1 + metadata: + name: test0131 + uid: 108f5981-a105-11ed-a23e-0255ac100032 + creationTimestamp: 2023-01-31 01:17:44.309185 +0000 UTC + updateTimestamp: 2023-06-29 01:02:28.78095 +0000 UTC + spec: {} + status: {} + total: 3 + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 13 + x-order: 10 + post: + tags: + - Fleet + summary: Registering a Fleet + description: This API is used to create a fleet. You can select clusters during + fleet creation. + operationId: RegisterClusterGroup + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/RegisterClusterGroup" + description: Container fleet information + required: true + responses: + "201": + description: The fleet has been created (the UID of the fleet is returned). + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterGroupResp" + examples: + response: + value: + uid: 6efb4a18-2fa4-11ee-ad1d-0255ac1001c4 + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Creating a fleet and (optional) adding clusters to the fleet + x-request-examples-url-1: https://ucs.myhuaweicloud.com/v1/clustergroups + x-request-examples-1: + metadata: + name: group02281605 + spec: + clusterIds: + - 514c1a3c-8ec7-11ec-b384-0255ac100189 + - d4804da3-8f03-11ec-b384-0255ac100189 + description: aaaaaaaaa + x-request-examples-text-1: + metadata: + name: group02281605 + spec: + clusterIds: + - 514c1a3c-8ec7-11ec-b384-0255ac100189 + - d4804da3-8f03-11ec-b384-0255ac100189 + description: aaaaaaaaa + x-apidesigner: 12 + x-order: 2 + "/v1/clustergroups/{clustergroupid}": + get: + tags: + - Fleet + summary: Querying a Fleet + description: This API is used to query a fleet. + operationId: ShowClusterGroup + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + responses: + "200": + description: Fleet object + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterGroup" + examples: + response: + value: + kind: ClusterGroup + apiVersion: v1 + metadata: + name: cluster-test + uid: bffbb35b-7949-11ee-886c-0255ac100037 + creationTimestamp: 2023-11-02 06:33:35.558128 +0000 UTC + updateTimestamp: 2023-11-14 06:20:20.446476 +0000 UTC + spec: + federationId: e2f27cc6-82b5-11ee-84e3-0255ac100032 + federationVersion: v1.7.0 + dnsSuffix: + - www.oidc.com + connectGatewayEndpoints: + - type: VPCEP + name: cn-north-4.5fc05258-f125-48f5-8a0a-a724a37f5ff1 + id: 5fc05258-f125-48f5-8a0a-a724a37f5ff1 + region: cn-north-4 + status: + conditions: + - type: Federation + status: Unavailable + reason: FederationUnavailable + message: component volcano-scheduler is unhealthy + lastTransitionTime: 0001-01-01T00:00:00Z + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 5 + delete: + tags: + - Fleet + summary: Deleting a Fleet + description: This API is used to delete a fleet. A fleet can only be deleted + when there are no clusters in it. To delete a fleet, remove the clusters + from the fleet first. The cluster IDs must comply with the Kubernetes + UUID format rules, and you must have the operation permission on the + clusters. Otherwise, the authentication fails. + operationId: DeleteClusterGroup + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + responses: + "200": + description: The fleet has been deleted. + content: + application/json: + schema: + type: string + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-apidesigner: 14 + x-order: 4 + "/v1/clustergroups/{clustergroupid}/associatedclusters": + put: + tags: + - Fleet + summary: Adding Clusters to a Fleet + description: This API is used to add clusters to a fleet. One or more clusters + can be added at the same time. This API cannot be used to remove + clusters from a fleet. + operationId: UpdateClusterGroupAssociatedClusters + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateClusterGroupAssociatedClustersRequestBody" + description: Clusters in the fleet have been updated. + responses: + "200": + description: Clusters have been added to the fleet. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Updating clusters in a fleet + x-request-examples-url-1: PUT + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/associatedclusters + x-request-examples-1: + clusterIds: + - xxxx-xxxx-xxxx + x-request-examples-text-1: + clusterIds: + - xxxx-xxxx-xxxx + x-order: 6 + "/v1/clustergroups/{clustergroupid}/description": + put: + tags: + - Fleet + summary: Updating Fleet Description + description: This API is used to update the description of a fleet. You must + have the permission to update the fleet. + operationId: UpdateClusterGroup + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + minLength: 1 + maxLength: 16384 + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateClusterGroupDescriptionRequest" + description: Updating fleet information + responses: + "200": + description: Update succeeded. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Updating fleet description + x-request-examples-url-1: PUT + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/description + x-request-examples-1: + description: aaaaaaaaa + x-request-examples-text-1: + description: aaaaaaaaa + x-apidesigner: 15 + x-order: 7 + /v1/managedclusters: + get: + tags: + - UCS Cluster + summary: Querying the CCE Cluster List + description: This API is used to query CCE cluster list. + operationId: ListManagedClusters + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: unimported + in: query + description: Whether CCE clusters have been imported to UCS + required: false + schema: + type: boolean + - name: limit + in: query + description: The number of records allowed on each page when the list is queried + by page. The default value is **-1**. + required: false + schema: + type: integer + format: int32 + - name: offset + in: query + description: Start offset when the list is queried by page. The default value is + **0**. + required: false + schema: + type: integer + format: int32 + responses: + "200": + description: CCE clusters that were not imported to UCS were returned. + content: + application/json: + schema: + type: array + items: + $ref: "#/components/schemas/Cluster" + examples: + response: + value: + - kind: Cluster + apiVersion: v1 + metadata: + name: cluster-test + uid: 57ef11e7-7d72-11ee-a590-0255ac100b05 + creationTimestamp: 2023-11-07T13:34:15Z + labels: + FeatureGates: elbv3,SupportClientCertificateRevocation,xGPU + spec: + syncMode: "" + apiEndpoint: https://cce-internal.cn-north-4.myhuaweicloud.com + provider: huaweicloud + type: cce + category: self + region: cn-north-4 + country: CN + city: "150900" + projectID: b6315dd3d0ff4be5b31a963256794989 + projectName: cn-north-4 + IsDownloadedCert: false + status: + kubernetesVersion: v1.27 + conditions: + - type: Ready + status: "True" + lastTransitionTime: 2023-11-27T12:42:24.182645394+08:00 + reason: ClusterAvailable + - type: Cluster + status: Available + lastTransitionTime: 2023-11-27T12:42:24.182646152+08:00 + reason: ClusterAvailable + endpoints: + - url: https://192.168.1.44:5443 + type: Internal + phase: Available + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 10 + "/v1/clusters/{clusterid}/join": + post: + tags: + - Fleet + summary: Adding a Cluster to a Fleet + description: This API is used to add a cluster to a fleet. + operationId: JoinGroup + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/ClusterJoinGroupRequestBody" + description: body + required: true + responses: + "200": + description: The cluster has been added to the fleet. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-request-examples-1: + clusterGroupID: 49077339-f1cd-11ec-a2be-0255ac1001c2 + x-request-examples-description-1: Adding a cluster to a fleet + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/join + x-request-examples-text-1: + clusterGroupID: 49077339-f1cd-11ec-a2be-0255ac1001c2 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 0 + "/v1/clusters/{clusterid}/unjoin": + post: + tags: + - Fleet + summary: Removing a Cluster from a Fleet + description: This API is used to remove a cluster from a fleet. + operationId: LeaveGroup + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: The cluster has been removed from the fleet. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "403": + description: The server refused the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-request-examples-description-1: Removing a cluster from a fleet + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/unjoin + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 1 + "/v1/clustergroups/{clustergroupid}/federations/progress": + get: + tags: + - Fleet + summary: Querying Federation Enabling Progress + description: This API is used to query the federation enabling progress. + operationId: ShowFederationProgress + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Returns the job for enabling federation. + content: + application/json: + schema: + $ref: "#/components/schemas/Job" + examples: + response: + value: + kind: Job + apiVersion: v3 + metadata: + uid: 70b5a14f-2fa4-11ee-bf07-0255ac1000b9 + creationTimestamp: 2023-07-31 13:16:20.715779 +0000 UTC + updateTimestamp: 2023-07-31 13:17:24.497868 +0000 UTC + spec: + type: CreateFederationContainer + federationUID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + resourceID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + resourceName: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + subJobs: + - kind: Job + apiVersion: v3 + metadata: + uid: 70b66b9a-2fa4-11ee-bf07-0255ac1000b9 + creationTimestamp: 2023-07-31 13:16:20.740512 +0000 UTC + updateTimestamp: 2023-07-31 13:16:22.100528 +0000 UTC + spec: + type: InstallFederationChart + federationUID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + status: + phase: Success + completionTime: 2023-07-31 13:16:22.100528 +0000 UTC + startTime: 2023-07-31 13:16:22.100528 +0000 UTC + - kind: Job + apiVersion: v3 + metadata: + uid: 70b66b68-2fa4-11ee-bf07-0255ac1000b9 + creationTimestamp: 2023-07-31 13:16:20.736232 +0000 UTC + updateTimestamp: 2023-07-31 13:17:24.490359 +0000 UTC + spec: + type: CreateNetworkResource + federationUID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + extendParam: + JobExtendParamKeyElbID: 69694819-67dc-44ac-ab6e-9b18087c5c4c + status: + phase: Success + completionTime: 2023-07-31 13:17:24.490359 +0000 UTC + startTime: 2023-07-31 13:16:20.744891 +0000 UTC + - kind: Job + apiVersion: v3 + metadata: + uid: 70b66afa-2fa4-11ee-bf07-0255ac1000b9 + creationTimestamp: 2023-07-31 13:16:20.731295 +0000 UTC + updateTimestamp: 2023-07-31 13:16:22.100452 +0000 UTC + spec: + type: CreateCert + federationUID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + status: + phase: Success + completionTime: 2023-07-31 13:16:22.100452 +0000 UTC + startTime: 2023-07-31 13:16:22.100452 +0000 UTC + - kind: Job + apiVersion: v3 + metadata: + uid: 70b66ad0-2fa4-11ee-bf07-0255ac1000b9 + creationTimestamp: 2023-07-31 13:16:20.726434 +0000 UTC + updateTimestamp: 2023-07-31 13:16:22.093902 +0000 UTC + spec: + type: CreateNode + federationUID: 70acf480-2fa4-11ee-ad1d-0255ac1001c4 + status: + phase: Success + completionTime: 2023-07-31 13:16:22.093902 +0000 UTC + startTime: 2023-07-31 13:16:20.745187 +0000 UTC + status: + phase: Success + completionTime: 2023-07-31 13:17:24.497868 +0000 UTC + startTime: 2023-07-31 13:16:20.721007 +0000 UTC + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 13 + "/v1/clustergroups/{clustergroupid}/federations": + post: + tags: + - Fleet + summary: Enabling Fleet Federation + description: Enabling Fleet Federation + operationId: EnableFederation + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: retryjoinall + in: query + description: Whether to add the cluster to the federation again. + required: false + schema: + type: boolean + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "201": + description: Federation has been enabled. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Enabling fleet federation + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/federations + x-order: 11 + delete: + tags: + - Fleet + summary: Disabling Cluster Federation + description: This API is used to disable cluster federation for a fleet. + operationId: DisableFederation + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Federation has been disabled. + content: + application/json: + schema: + type: string + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "404": + description: Resource not found. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-order: 12 + "/v1/clustergroups/{clustergroupid}/associatedzones": + put: + tags: + - Fleet + summary: Updating the Zone Associated with the Federation of a Fleet + description: This API is used to update the zone associated with the federation + of a fleet. + operationId: UpdateClusterGroupAssociatedZones + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateAssociatedZonesRequest" + description: Request body for updating a zone + responses: + "200": + description: Update succeeded. + content: + application/json: + schema: + type: object + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + application/json: + schema: + type: string + "500": + description: Internal server error. + content: + application/json: + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-request-examples-description-1: Updating the zone associated with the federation of a fleet + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/associatedzones + x-request-examples-1: + dnsSuffix: + - wpwebsite.com + x-request-examples-text-1: + dnsSuffix: + - wpwebsite.com + x-order: 9 + "/v1/clustergroups/{clustergroupid}/cert": + post: + tags: + - Fleet + summary: Creating a Federation Connection and Downloading kubeconfig + description: This API is used to create a VPC endpoint for connecting to the + federation API server and downloading kubeconfig of the federation API + server after federation is enabled for a fleet. + operationId: CreateFederationCert + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CreateFederationCertRequestBody" + description: Request body for downloading kubeconfig + required: true + responses: + "201": + description: kubeconfig file + content: + application/json: + schema: + $ref: "#/components/schemas/KubeConfig" + examples: + response: + value: + kind: Config + apiVersion: v1 + clusters: + - name: cluster-demo + cluster: + server: https://ip:port + certificate-authority-data: "" + users: + - name: user + user: + client-certificate-data: "" + client-key-data: "" + token: "" + contexts: + - name: demo + context: + cluster: cluster-demo + user: user + current-context: demo + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Creating a federation connection and downloading kubeconfig + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/cert + x-request-examples-1: + projectID: 08d44be1ef00d22e2f6fc0061f54a2f1 + vpcID: 11c9fe72-5a90-4295-bcfe-774726fb9066 + subnetID: 0de91d89-1e06-4e24-b371-35d5d3d3779b + duration: 30 + x-request-examples-text-1: + projectID: 08d44be1ef00d22e2f6fc0061f54a2f1 + vpcID: 11c9fe72-5a90-4295-bcfe-774726fb9066 + subnetID: 0de91d89-1e06-4e24-b371-35d5d3d3779b + duration: 30 + x-order: 14 + "/v1/clustergroups/{clustergroupid}/connection": + post: + tags: + - Fleet + summary: Creating a Federation Connection + description: This API is used to create a VPC endpoint for connecting to the + federation API server after federation is enabled for a fleet. + operationId: CreateFederationConnection + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/CreateFederationConnectionRequestBody" + description: Request body for creating a federation connection + required: true + responses: + "201": + description: Connecting to the federation API server using a VPC endpoint + content: + application/json: + schema: + $ref: "#/components/schemas/VPCEPEndpoint" + examples: + response: + value: + id: b8c9c1dc-b10f-4644-bc5f-e557efa63782s + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Creating a federation connection + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/connection + x-request-examples-1: + projectID: 08d44be1ef00d22e2f6fc0061f54a2f1 + vpcID: 11c9fe72-5a90-4295-bcfe-774726fb9066 + subnetID: 0de91d89-1e06-4e24-b371-35d5d3d3779b + x-request-examples-text-1: + projectID: 08d44be1ef00d22e2f6fc0061f54a2f1 + vpcID: 11c9fe72-5a90-4295-bcfe-774726fb9066 + subnetID: 0de91d89-1e06-4e24-b371-35d5d3d3779b + x-order: 15 + "/v1/clustergroups/{clustergroupid}/kubeconfig": + post: + tags: + - Fleet + summary: Downloading Federation kubeconfig + description: This API is used to download the kubeconfig file after the + federation is enabled for a fleet and the federation connection is + created. + operationId: DownloadFederationKubeconfig + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/DownloadFederationKubeconfigRequestBody" + description: Request body for downloading federation kubeconfig + required: true + responses: + "201": + description: kubeconfig file + content: + application/json: + schema: + $ref: "#/components/schemas/KubeConfig" + examples: + response: + value: + kind: Config + apiVersion: v1 + clusters: + - name: cluster-demo + cluster: + server: https://ip:port + certificate-authority-data: "" + users: + - name: user + user: + client-certificate-data: "" + client-key-data: "" + token: "" + contexts: + - name: demo + context: + cluster: cluster-demo + user: user + current-context: demo + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + x-request-examples-description-1: Downloading federation kubeconfig + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/kubeconfig + x-request-examples-1: + duration: 30 + x-request-examples-text-1: + duration: 30 + x-order: 16 + /v1/config/registeredclusterversions: + get: + tags: + - UCS Cluster + summary: Querying the Cluster Version List + description: This API is used to query the list of cluster versions that are + supported by UCS. + operationId: ListRegisteredClusterVersions + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: List of supported cluster versions + content: + application/json: + schema: + $ref: "#/components/schemas/RegisteredClusterVersions" + examples: + response: + value: + versions: + - v1.19 + - v1.20 + - v1.21 + - v1.22 + - v1.23 + - v1.24 + - v1.25 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-is-support-cmc: Y + "/v1/clusters/{clusterid}/policy": + post: + tags: + - UCS Clusters + summary: Enabling the Policy Center for a Cluster + description: This API is used to enable the policy center for a cluster. + operationId: EnableClusterPolicy + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: retry + in: query + description: Retrying starting the policy center + required: false + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: ID of the job for enabling the policy center returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: 5a61ec6b-16d0-4232-839a-3da995a73e4d + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/policy + x-request-examples-description-1: Enabling the policy center for a cluster + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 0 + delete: + tags: + - UCS Clusters + summary: Disabling the Policy Center of a Cluster + description: This API is used to disable the policy center of a cluster. + operationId: DisableClusterPolicy + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: ID of the job for disabling the policy center returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: b5ce50f7-c2c0-4939-a8de-57f40b468c70 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 1 + "/v1/addons/{id}": + get: + tags: + - Add-on Management + summary: Obtaining an Add-on Instance + description: This API is used to obtain the add-on instance. + operationId: ShowAddonInstance + parameters: + - name: id + in: path + description: Add-on instance ID + required: true + schema: + type: string + - name: is_database_status + in: query + description: Whether to use the add-on status stored in the database + required: false + schema: + type: string + - name: cluster_id + in: query + description: Cluster ID + required: false + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Add-on instance information returned + content: + "*/*": + schema: + $ref: "#/components/schemas/AddonInstance" + application/json: + examples: + response: + value: + kind: Addon + apiVersion: v3 + metadata: + uid: 929633dc-2dae-4db7-84e4-a33c91370d53 + name: log-agent + creationTimestamp: 2025-10-15T09:03:57Z + updateTimestamp: 2025-10-15T09:04:24Z + spec: + clusterID: 871bfe78-0528-4267-8a94-d19139210f80 + version: 1.7.14 + addonTemplateName: log-agent + addonTemplateType: helm + addonTemplateLogo: "" + addonTemplateLabels: + - Maintenance + description: log-agent is a logging collector and forward center. + parameters: + no_hooks: false + reset_values: false + name_template: "" + release_version: 0 + namespace: monitoring + status: + status: running + Reason: "" + message: "" + currentVersion: + id: "" + version: 1.7.14 + stable: true + creationTimestamp: 2025-09-17T07:59:47Z + updateTimestamp: 2025-09-17T07:59:47Z + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 3 + put: + tags: + - Add-on Management + summary: Updating an Add-on Instance + description: This API is used to update an add-on instance. + operationId: UpdateAddonInstance + parameters: + - name: id + in: path + description: Add-on instance ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/AddonInstance" + description: Request body + required: true + responses: + "200": + description: Add-on instance information returned + content: + "*/*": + schema: + $ref: "#/components/schemas/AddonInstance" + application/json: + examples: + response: + value: + kind: Addon + apiVersion: v3 + metadata: + uid: "******" + name: everest + creationTimestamp: 2023-07-03T10:57:43Z + updateTimestamp: 2023-07-03T11:24:05Z + spec: + clusterID: "******" + version: 2.1.30 + addonTemplateName: everest + addonTemplateType: helm + addonTemplateLogo: "******" + addonTemplateLabels: + - Storage + description: "" + values: + basic: + bms_url: "******" + cluster_version: v1.23 + driver_init_image_version: 2.1.30 + ecsEndpoint: "******" + everest_image_version: 2.1.30 + evs_url: "******" + iam_url: "******" + ims_url: "******" + obs_url: "******" + platform: linux-amd64 + rbac_enabled: true + sfs30_url: "******" + sfs_turbo_url: "******" + sfs_url: "******" + supportHcs: false + swr_addr: "******" + swr_user: hwofficial + custom: + cluster_id: "******" + cluster_version: v1.23.8-r0 + csi_attacher_detach_worker_threads: "60" + csi_attacher_worker_threads: "60" + default_vpc_id: "******" + disable_auto_mount_secret: false + enable_node_attacher: false + flow_control: {} + multiAZEnabled: false + over_subscription: "80" + project_id: "******" + volume_attaching_flow_ctrl: "0" + flavor: + category: + - CCE + - Turbo + description: Has only one instance + name: Single + replicas: 1 + resources: + - limitsCpu: 250m + limitsMem: 600Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 600Mi + - limitsCpu: 100m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + systemAutoInject: + cluster: + clusterID: "******" + clusterNetworkMode: vpc-router + clusterVersion: v1.23.8-r0 + user: + projectID: "******" + status: + status: upgrading + Reason: addon upgrading + message: "" + currentVersion: + version: 2.1.30 + input: + basic: + bms_url: "******" + driver_init_image_version: 2.1.30 + ecsEndpoint: "******" + everest_image_version: 2.1.30 + evs_url: "******" + iam_url: "******" + ims_url: "******" + obs_url: "******" + platform: "******" + sfs30_url: "******" + sfs_turbo_url: "******" + sfs_url: "******" + supportHcs: false + swr_addr: "******" + swr_user: hwofficial + parameters: + common: + defaultVPCId: 1234567 + custom: + cluster_id: "" + csi_attacher_detach_worker_threads: "60" + csi_attacher_worker_threads: "60" + default_vpc_id: "" + disable_auto_mount_secret: false + enable_node_attacher: false + flow_control: {} + multiAZEnabled: false + over_subscription: "80" + project_id: "" + volume_attaching_flow_ctrl: "0" + flavor1: + description: High available + name: HA + replicas: 2 + resources: + - limitsCpu: 250m + limitsMem: 1500Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 600Mi + - limitsCpu: 500m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + flavor2: + description: Has only one instance + name: Single + replicas: 1 + resources: + - limitsCpu: 250m + limitsMem: 600Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 600Mi + - limitsCpu: 100m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + flavor3: + description: custom resources + name: custom-resources + replicas: 2 + resources: + - limitsCpu: 250m + limitsMem: 2000Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 1500Mi + - limitsCpu: 500m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + stable: true + translate: + en_US: + addon: + changeLog: "" + description: "" + description: + Parameters.flavor1.description: Deploy the add-on with two instances, delivering + high availability but requiring more compute + resources. + Parameters.flavor1.name: HA + Parameters.flavor2.description: Deploy the add-on with one instance. + Parameters.flavor2.name: Standalone + Parameters.flavor3.name: Custom + fr_FR: + addon: + changeLog: "" + description: "" + description: + Parameters.flavor1.description: Déployez avec deux instances, haute + disponibilité. + Parameters.flavor1.name: HA + Parameters.flavor2.description: Déployez avec une seule instance. + Parameters.flavor2.name: Célibataire + Parameters.flavor3.name: Douane + zh_CN: + addon: + changeLog: "" + description: "" + description: + Parameters.flavor1.description: Dual-instance deployment that features high + availability but requires more compute resources + Parameters.flavor1.name: High availability + Parameters.flavor2.description: Single-instance deployment + Parameters.flavor2.name: Single instance + Parameters.flavor3.description: Custom resource specifications for deployment + Parameters.flavor3.name: Custom + creationTimestamp: 2023-05-12T16:10:05Z + updateTimestamp: 2023-05-12T16:10:05Z + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: PUT https://ucs.myhuaweicloud.com/v1/addons{id} + x-request-examples-description-1: Updating an add-on instance + x-request-examples-text-1: + kind: Addon + apiVersion: v3 + metadata: + annotations: + addon.upgrade/type: upgrade + spec: + clusterID: "*****" + version: 2.1.30 + addonTemplateName: everest + values: + basic: + bms_url: "*****" + driver_init_image_version: 2.1.30 + ecsEndpoint: "*****" + everest_image_version: 2.1.30 + evs_url: "*****" + iam_url: "*****" + ims_url: "*****" + obs_url: "*****" + platform: linux-amd64 + sfs30_url: "*****" + sfs_turbo_url: "*****" + sfs_url: "*****" + supportHcs: false + swr_addr: "*****" + swr_user: hwofficial + rbac_enabled: true + cluster_version: v1.23 + flavor: + description: High available + name: HA + replicas: 2 + resources: + - limitsCpu: 250m + limitsMem: 2000Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 1500Mi + - limitsCpu: 500m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + category: + - CCE + - Turbo + custom: + cluster_id: "*****" + csi_attacher_detach_worker_threads: "60" + csi_attacher_worker_threads: "60" + default_vpc_id: "*****" + disable_auto_mount_secret: false + enable_node_attacher: true + flow_control: {} + multiAZEnabled: false + over_subscription: "80" + project_id: "*****" + volume_attaching_flow_ctrl: "0" + x-request-examples-1: + kind: Addon + apiVersion: v3 + metadata: + annotations: + addon.upgrade/type: upgrade + spec: + clusterID: "*****" + version: 2.1.30 + addonTemplateName: everest + values: + basic: + bms_url: "*****" + driver_init_image_version: 2.1.30 + ecsEndpoint: "*****" + everest_image_version: 2.1.30 + evs_url: "*****" + iam_url: "*****" + ims_url: "*****" + obs_url: "*****" + platform: linux-amd64 + sfs30_url: "*****" + sfs_turbo_url: "*****" + sfs_url: "*****" + supportHcs: false + swr_addr: "*****" + swr_user: hwofficial + rbac_enabled: true + cluster_version: v1.23 + flavor: + description: High available + name: HA + replicas: 2 + resources: + - limitsCpu: 250m + limitsMem: 2000Mi + name: everest-csi-controller + requestsCpu: 250m + requestsMem: 1500Mi + - limitsCpu: 500m + limitsMem: 300Mi + name: everest-csi-driver + requestsCpu: 100m + requestsMem: 300Mi + category: + - CCE + - Turbo + custom: + cluster_id: "*****" + csi_attacher_detach_worker_threads: "60" + csi_attacher_worker_threads: "60" + default_vpc_id: "*****" + disable_auto_mount_secret: false + enable_node_attacher: true + flow_control: {} + multiAZEnabled: false + over_subscription: "80" + project_id: "*****" + volume_attaching_flow_ctrl: "0" + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 2 + delete: + tags: + - Add-on Management + summary: Uninstalling an Add-on Instance + description: This API is used to uninstall an add-on instance. + operationId: DeleteAddonInstance + parameters: + - name: id + in: path + description: Add-on instance ID + required: true + schema: + type: string + - name: cluster_id + in: query + description: If **cluster_id** is left empty, **cluster_id** of + **addonInstance** is used. If **cluster_id** is not left empty, + check whether **cluster_id** of **addonInstance** is the same as + that in the query. + required: false + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Add-on instance uninstalled + content: + "*/*": + schema: + type: string + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 4 + /v1/addons: + get: + tags: + - Add-on Management + summary: Obtaining the Add-on Instance List + description: This API is used to obtain the add-on instance list. + operationId: ListAddonInstances + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: cluster_id + in: query + description: Cluster ID + required: true + schema: + type: string + - name: addon_template_name + in: query + description: Whether to use the add-on status stored in the database + required: false + schema: + type: string + - name: is_database_status + in: query + description: Add-on package name + required: false + schema: + type: string + responses: + "200": + description: Add-on instance list returned + content: + "*/*": + schema: + $ref: "#/components/schemas/AddonInstanceList" + application/json: + examples: + response: + value: + items: + - kind: Addon + apiVersion: v3 + metadata: + uid: 929633dc-2dae-4db7-84e4-a33c91370d53 + name: log-agent + creationTimestamp: 2025-10-15T09:03:57Z + updateTimestamp: 2025-10-15T09:04:24Z + spec: + clusterID: 871bfe78-0528-4267-8a94-d19139210f80 + version: 1.7.14 + addonTemplateName: log-agent + addonTemplateType: helm + addonTemplateLogo: "" + addonTemplateLabels: + - Maintenance + description: log-agent is a logging collector and forward center. + parameters: + no_hooks: false + reset_values: false + name_template: "" + release_version: 0 + namespace: monitoring + status: + status: running + Reason: "" + message: "" + currentVersion: + id: "" + version: 1.7.14 + stable: true + creationTimestamp: 2025-09-17T07:59:47Z + updateTimestamp: 2025-09-17T07:59:47Z + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 0 + post: + tags: + - Add-on Management + summary: Installing an Add-on Instance + description: This API is used to install an add-on instance. + operationId: CreateAddonInstance + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/AddonInstance" + description: Request body + responses: + "200": + description: Add-on instance information returned + content: + "*/*": + schema: + $ref: "#/components/schemas/AddonInstance" + application/json: + examples: + response: + value: + kind: Addon + apiVersion: v3 + metadata: + uid: 4972d9b2-59ed-4735-bba0-4bb1cf30f90d + name: volcano + creationTimestamp: 2025-10-17T03:52:52Z + updateTimestamp: 2025-10-17T03:52:52Z + spec: + clusterID: 0ddf73d6-7427-11f0-bf90-0255ac100b09 + version: 1.19.6 + addonTemplateName: volcano + addonTemplateType: helm + addonTemplateLogo: https://xxxxxx.svg + addonTemplateLabels: + - ContainerSchedulerAndElasticity + description: Volcano is a batch system built on Kubernetes. It provides a suite + of mechanisms currently missing from Kubernetes that are + commonly required by many classes of batch & elastic + workload including machine learning/deep learning, + bioinformatics/genomics, other big data applications. + values: + basic: + cluster_version: v1.31 + platform: linux-amd64 + rbac_enabled: true + swr_addr: "" + swr_user: hwofficial + flavor: + category: + - CCE + - Turbo + description: For 50 nodes, 5000 pods in cluster + name: Node50 + recommend_cluster_flavor_types: + - small + resources: + - limitsCpu: 2000m + limitsMem: 2000Mi + name: volcano-scheduler + replicas: 2 + requestsCpu: 500m + requestsMem: 500Mi + - limitsCpu: 2000m + limitsMem: 2000Mi + name: volcano-controller + replicas: 2 + requestsCpu: 500m + requestsMem: 500Mi + - limitsCpu: 500m + limitsMem: 500Mi + name: volcano-admission + replicas: 2 + requestsCpu: 200m + requestsMem: 500Mi + size: small + status: + status: installing + Reason: "" + message: "" + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST https:///ucs.myhuaweicloud.com/v1/addons + x-request-examples-text-1: + kind: Addon + apiVersion: v3 + metadata: + annotations: + addon.install/type: install + spec: + clusterID: 0ddf73d6-7427-11f0-bf90-0255ac100b09 + version: 1.19.6 + addonTemplateName: volcano + values: + basic: + platform: linux-amd64 + swr_addr: "" + swr_user: hwofficial + rbac_enabled: true + cluster_version: v1.31 + flavor: + description: For 50 nodes, 5000 pods in cluster + name: Node50 + recommend_cluster_flavor_types: + - small + resources: + - name: volcano-scheduler + limitsCpu: 2000m + requestsCpu: 500m + replicas: 2 + limitsMem: 2000Mi + requestsMem: 500Mi + - name: volcano-controller + limitsCpu: 2000m + requestsCpu: 500m + replicas: 2 + limitsMem: 2000Mi + requestsMem: 500Mi + - name: volcano-admission + limitsCpu: 500m + requestsCpu: 200m + replicas: 2 + limitsMem: 500Mi + requestsMem: 500Mi + size: small + category: + - CCE + - Turbo + x-request-examples-1: + kind: Addon + apiVersion: v3 + metadata: + annotations: + addon.install/type: install + spec: + clusterID: 0ddf73d6-7427-11f0-bf90-0255ac100b09 + version: 1.19.6 + addonTemplateName: volcano + values: + basic: + platform: linux-amd64 + swr_addr: "" + swr_user: hwofficial + rbac_enabled: true + cluster_version: v1.31 + flavor: + description: For 50 nodes, 5000 pods in cluster + name: Node50 + recommend_cluster_flavor_types: + - small + resources: + - name: volcano-scheduler + limitsCpu: 2000m + requestsCpu: 500m + replicas: 2 + limitsMem: 2000Mi + requestsMem: 500Mi + - name: volcano-controller + limitsCpu: 2000m + requestsCpu: 500m + replicas: 2 + limitsMem: 2000Mi + requestsMem: 500Mi + - name: volcano-admission + limitsCpu: 500m + requestsCpu: 200m + replicas: 2 + limitsMem: 500Mi + requestsMem: 500Mi + size: small + category: + - CCE + - Turbo + x-request-examples-description-1: Installing an add-on instance + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 1 + "/v1/clustergroups/{clustergroupid}/unitedworkload": + get: + tags: + - Fleets + summary: Querying a Federated Workload + description: This API is used to query a federated workload. + operationId: ShowProxyUnitedWorkload + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: kind + in: query + description: >- + Resource type. Options: + + - **Deployment**: manages stateless applications. + + - **Service**: implements service discovery and load balancing. + + - **Ingress**: manages external HTTP/HTTPS access to services in a cluster. + + - **ConfigMap**: stores non-sensitive configuration data. + + - **Secret**: stores sensitive information. + + - **Job**: runs one-off tasks. + + - **StatefulSet**: manages stateful applications. + + - **DaemonSet**: runs a pod on each node. + + - **PersistentVolumeClaim**: applies for and uses persistent storage resources. + required: true + x-api-type: open-api + schema: + type: string + - name: namespace + in: query + description: Namespace + required: false + schema: + type: string + - name: name + in: query + description: Workload name + required: false + schema: + type: string + responses: + "200": + description: Federated workload information obtained + content: + "*/*": + schema: + type: array + items: + $ref: "#/components/schemas/MutiWorkload" + application/json: + examples: + response: + value: + - kind: Deployment + apiVersion: apps/v1 + metadata: + name: test1111111 + namespace: default + template: {} + propagationPolicy: + kind: PropagationPolicy + apiVersion: policy.karmada.io/v1alpha1 + metadata: + name: test1111111-deployment + namespace: default + uid: ba1c3027-0084-4194-9cb9-e29adaf88712 + resourceVersion: "62874" + generation: 2 + creationTimestamp: 2025-10-30T13:03:02Z + labels: + propagationpolicy.karmada.io/permanent-id: 51b25f78-1c19-4e0b-82b2-93a7f92b01f8 + finalizers: + - karmada.io/propagation-policy-controller + spec: + resourceSelectors: + - apiVersion: apps/v1 + kind: Deployment + namespace: default + name: test1111111 + propagateDeps: true + placement: + clusterAffinity: + clusterNames: + - test + clusterTolerations: + - key: cluster.karmada.io/not-ready + operator: Exists + priority: 0 + schedulerName: default-scheduler + overridePolicy: + kind: OverridePolicy + apiVersion: policy.karmada.io/v1alpha1 + metadata: + name: test1111111-deployment + namespace: default + uid: 9def0688-474c-4cb9-bdaa-55ddb689e76c + resourceVersion: "60554" + generation: 1 + creationTimestamp: 2025-10-30T13:03:02Z + spec: + resourceSelectors: + - apiVersion: apps/v1 + kind: Deployment + namespace: default + name: test1111111 + overriders: {} + resourceBinding: + kind: ResourceBinding + apiVersion: work.karmada.io/v1alpha2 + metadata: + name: test1111111-deployment + namespace: default + uid: ae97e9db-3550-4ef8-b737-191ea87a7fa1 + resourceVersion: "86599" + generation: 13 + creationTimestamp: 2025-10-30T13:03:03Z + labels: + propagationpolicy.karmada.io/name: test1111111-deployment + propagationpolicy.karmada.io/namespace: default + ownerReferences: + - apiVersion: apps/v1 + kind: Deployment + name: test1111111 + uid: 84cffd49-f561-4214-afcd-e58dae2670bb + controller: true + blockOwnerDeletion: true + finalizers: + - karmada.io/binding-controller + - karmada.io/binding-dependencies-distributor + spec: + resource: + apiVersion: apps/v1 + kind: Deployment + namespace: default + name: test1111111 + uid: 84cffd49-f561-4214-afcd-e58dae2670bb + resourceVersion: "69362" + propagateDeps: true + replicaRequirements: {} + replicas: 1 + clusters: + - name: test + replicas: 1 + placement: + clusterAffinity: + clusterNames: + - test + schedulerName: default-scheduler + status: + schedulerObservedGeneration: 13 + conditions: + - type: FullyApplied + status: "True" + lastTransitionTime: 2025-10-30T14:23:19Z + reason: FullyAppliedSuccess + message: All works have been successfully applied + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "403": + description: The server refused the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 17 + post: + tags: + - Fleets + summary: Creating a Federated Workload + description: This API is used to create a federated workload. + operationId: CreateProxyUnitedWorkload + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + $ref: "#/components/requestBodies/MutiWorkload" + responses: + "200": + description: Federated workload created + "400": + description: Client request error. The server could not execute the request. + "403": + description: The server refused the request. + "404": + description: Resources not found + "500": + description: Internal server error + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/unitedworkload + x-request-examples-description-1: Creating a federated workload + x-request-examples-text-1: + kind: Deployment + metadata: + name: test + namespace: default + template: + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + version: v1 + name: test + namespace: default + spec: + selector: + matchLabels: + app: test + version: v1 + template: + metadata: + labels: + app: test + version: v1 + spec: + containers: + - name: nginx + image: xxxxxx + imagePullPolicy: IfNotPresent + terminationGracePeriodSeconds: 30 + tolerations: + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + volumes: [] + initContainers: [] + serviceName: headless-kd3s6e + replicas: 2 + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 + propagationPolicy: + spec: + placement: + clusterAffinity: + clusterNames: [] + replicaScheduling: + replicaSchedulingType: Divided + replicaDivisionPreference: Weighted + weightPreference: + dynamicWeight: AvailableReplicas + propagateDeps: true + overridePolicy: {} + x-request-examples-1: + kind: Deployment + metadata: + name: test + namespace: default + template: + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + version: v1 + name: test + namespace: default + spec: + selector: + matchLabels: + app: test + version: v1 + template: + metadata: + labels: + app: test + version: v1 + spec: + containers: + - name: nginx + image: xxxxxx + imagePullPolicy: IfNotPresent + terminationGracePeriodSeconds: 30 + tolerations: + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + volumes: [] + initContainers: [] + serviceName: headless-kd3s6e + replicas: 2 + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 + propagationPolicy: + spec: + placement: + clusterAffinity: + clusterNames: [] + replicaScheduling: + replicaSchedulingType: Divided + replicaDivisionPreference: Weighted + weightPreference: + dynamicWeight: AvailableReplicas + propagateDeps: true + overridePolicy: {} + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 18 + put: + tags: + - Fleets + summary: Updating a Federated Workload + description: This API is used to update a federated workload. + operationId: UpdateProxyUnitedWorkload + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + $ref: "#/components/requestBodies/MutiWorkload" + responses: + "200": + description: Federated workload updated + "400": + description: Client request error. The server could not execute the request. + "403": + description: The server refused the request. + "404": + description: Resources not found + "500": + description: Internal server error + x-request-examples-url-1: PUT + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/unitedworkload + x-request-examples-description-1: Updating a federated workload + x-request-examples-text-1: + kind: Deployment + metadata: + name: test + namespace: default + template: + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + version: v1 + name: test + namespace: default + spec: + selector: + matchLabels: + app: test + version: v1 + template: + metadata: + labels: + app: test + version: v1 + spec: + containers: + - name: nginx + image: xxxxxx + imagePullPolicy: IfNotPresent + terminationGracePeriodSeconds: 30 + tolerations: + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + volumes: [] + initContainers: [] + serviceName: headless-kd3s6e + replicas: 2 + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 + propagationPolicy: + spec: + placement: + clusterAffinity: + clusterNames: [] + replicaScheduling: + replicaSchedulingType: Divided + replicaDivisionPreference: Weighted + weightPreference: + dynamicWeight: AvailableReplicas + propagateDeps: true + overridePolicy: {} + x-request-examples-1: + kind: Deployment + metadata: + name: test + namespace: default + template: + apiVersion: apps/v1 + kind: Deployment + metadata: + labels: + version: v1 + name: test + namespace: default + spec: + selector: + matchLabels: + app: test + version: v1 + template: + metadata: + labels: + app: test + version: v1 + spec: + containers: + - name: nginx + image: xxxxxx + imagePullPolicy: IfNotPresent + terminationGracePeriodSeconds: 30 + tolerations: + - key: node.kubernetes.io/not-ready + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + - key: node.kubernetes.io/unreachable + operator: Exists + effect: NoExecute + tolerationSeconds: 300 + volumes: [] + initContainers: [] + serviceName: headless-kd3s6e + replicas: 2 + revisionHistoryLimit: 10 + progressDeadlineSeconds: 600 + propagationPolicy: + spec: + placement: + clusterAffinity: + clusterNames: [] + replicaScheduling: + replicaSchedulingType: Divided + replicaDivisionPreference: Weighted + weightPreference: + dynamicWeight: AvailableReplicas + propagateDeps: true + overridePolicy: {} + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 20 + delete: + tags: + - Fleets + summary: Deleting a Federated Workload + description: This API is used to delete a federated workload. + operationId: DeleteProxyUnitedWorkload + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: kind + in: query + description: Workload type + required: true + schema: + type: string + - name: namespace + in: query + description: Namespace + required: false + schema: + type: string + - name: name + in: query + description: Workload name + required: false + schema: + type: string + responses: + "200": + description: Federated workload deleted + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "403": + description: The server refused the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 19 + "/v1/clustergroups/{clustergroupid}/policy": + post: + tags: + - Fleets + summary: Enabling the Policy Center for a Fleet + description: This API is used to enable the policy center for a fleet. + operationId: EnableClusterGroupPolicy + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: retry + in: query + description: Retrying starting policy management + required: false + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "201": + description: ID of the job for enabling the policy center returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: 19053556-483f-4f54-808d-af633690131d + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/policy + x-request-examples-description-1: Enabling the policy center for a fleet + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 2 + delete: + tags: + - Fleets + summary: Disabling the Policy Center of a Fleet + description: This API is used to disable the policy center of a fleet. + operationId: DisableClusterGroupPolicy + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: ID of the job for disabling the policy center returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: 88320b1d-b98e-4299-96fa-b0aacbb3582c + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 3 + "/v1/clustergroups/{clustergroupid}/policyinstance": + post: + tags: + - Fleets + summary: Creating a Fleet Policy Instance + description: This API is used to create a fleet policy instance. + operationId: CreateClusterGroupPolicyInstance + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + $ref: "#/components/requestBodies/UCSConstraintRequest" + responses: + "201": + description: ID of the job for creating a policy instance returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: 4882f643-6bb3-48c9-870e-b2a092cf155e + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/policyinstance + x-request-examples-description-1: Creating a fleet policy instance + x-request-examples-text-1: + enforcementAction: warn + namespaces: + - default + parameters: + volumes: + - xxxxxx + constraintTemplateID: f1519ae2-adf8-11ed-9f9c-0255ac100186 + x-request-examples-1: + enforcementAction: warn + namespaces: + - default + parameters: + volumes: + - xxxxxx + constraintTemplateID: f1519ae2-adf8-11ed-9f9c-0255ac100186 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 4 + /v1/policyinstances: + get: + tags: + - Policy Management + summary: Obtaining the Policy Instance List + description: This API is used to obtain the policy instance list. + operationId: ListPolicyInstances + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Policy instance list obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSConstraintList" + application/json: + examples: + response: + value: + items: + - kind: K8sPSPVolumeTypes + apiVersion: constraints.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes-lmjw9v + uid: c38ecd83-b34d-11ee-a9a6-0255ac10004d + creationTimestamp: 2024-01-15 02:28:26.986054 +0000 UTC + updateTimestamp: 2024-01-15 02:28:26.986054 +0000 UTC + spec: + constraint: + kind: K8sPSPVolumeTypes + apiVersion: constraints.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes-lmjw9v + spec: + enforcementAction: deny + match: + kinds: + - kinds: + - Pod + namespaces: + - default + parameters: + volumes: + - "22" + domainID: 05495693d180d3c90f9ec0171879f760 + targetID: 9c819dca-9a81-11ee-b1ab-0255ac100040 + targetScope: fleet + constraintTemplateID: 26b13a89-cefa-11ed-9f2c-0255ac10003c + status: {} + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 3 + "/v1/clusters/{clusterid}/policyinstance": + post: + tags: + - UCS Clusters + summary: Creating a Policy Instance for a Cluster + description: This API is used to create a policy instance for a cluster. + operationId: CreateClusterPolicyInstance + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + $ref: "#/components/requestBodies/UCSConstraintRequest" + responses: + "201": + description: ID of the job for creating a policy instance returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: ae4e4da4-92f7-48c9-822d-6a9978d30d16 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/policyinstance + x-request-examples-description-1: Creating a policy instance for a cluster + x-request-examples-text-1: + enforcementAction: deny + namespaces: + - default + parameters: + exemptImages: + - test + procMount: Default + constraintTemplateID: f14d4210-adf8-11ed-9f9c-0255ac100186 + x-request-examples-1: + enforcementAction: deny + namespaces: + - default + parameters: + exemptImages: + - test + procMount: Default + constraintTemplateID: f14d4210-adf8-11ed-9f9c-0255ac100186 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 5 + /v1/policydefinitions: + get: + tags: + - Policy Management + summary: Obtaining the Policy Definition List + description: This API is used to obtain the policy definition list. + operationId: ListPolicyDefinitions + responses: + "200": + description: Policy definition list obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSConstraintTemplateList" + application/json: + examples: + response: + value: + items: + - kind: ConstraintTemplate + apiVersion: templates.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes + uid: f1519ae2-adf8-11ed-9f9c-0255ac100186 + creationTimestamp: 2023-02-16 12:53:43.050938 +0000 UTC + updateTimestamp: 2025-11-05 03:29:41.797896 +0000 UTC + annotations: + description-chinese: Restricting the volume mount type used by pods + name-chinese: K8sPSPVolumeTypes + tag-chinese: Container/Application security policy + spec: + type: security + tag: k1 + officialTag: Container/ApplicationSecurityPolicies + level: "3" + targetKind: Pod + official: true + description: Restricts mountable volume types to those specified by the user. + Corresponds to the `volumes` field in a + PodSecurityPolicy. + constraintTemplate: + kind: ConstraintTemplate + apiVersion: templates.gatekeeper.sh/v1 + metadata: + name: k8spspvolumetypes + annotations: + description: Restricts mountable volume types to those specified by the user. + Corresponds to the `volumes` field in a + PodSecurityPolicy. + description-chinese: Restricting the volume mount type used by pods + level: "3" + metadata.gatekeeper.sh/title: Volume Types + metadata.gatekeeper.sh/version: 1.0.0 + name-chinese: K8sPSPVolumeTypes + tag: Container/ApplicationSecurityPolicies + tag-chinese: Container/Application security policy + targetKind: Pod + type: security + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 0 + "/v1/policydefinitions/{policydefinitionid}": + get: + tags: + - Policy Management + summary: Obtaining a Policy Definition + description: This API is used to obtain a policy definition. + operationId: ShowPolicyDefinition + parameters: + - name: policydefinitionid + in: path + description: Policy definition ID + required: true + schema: + type: string + responses: + "200": + description: Policy definition details obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSConstraintTemplate" + application/json: + examples: + response: + value: + kind: ConstraintTemplate + apiVersion: templates.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes + uid: f1519ae2-adf8-11ed-9f9c-0255ac100186 + creationTimestamp: 2023-02-16 12:53:43.050938 +0000 UTC + updateTimestamp: 2025-11-05 03:29:41.797896 +0000 UTC + annotations: + description-chinese: Restricting the volume mount type used by pods + name-chinese: K8sPSPVolumeTypes + tag-chinese: Container/Application security policy + spec: + type: security + tag: k1 + officialTag: Container/ApplicationSecurityPolicies + level: "3" + targetKind: Pod + official: true + description: Restricts mountable volume types to those specified by the user. + Corresponds to the `volumes` field in a + PodSecurityPolicy. + constraintTemplate: + kind: ConstraintTemplate + apiVersion: templates.gatekeeper.sh/v1 + metadata: + name: k8spspvolumetypes + annotations: + description: Restricts mountable volume types to those specified by the user. + Corresponds to the `volumes` field in a + PodSecurityPolicy. + description-chinese: Restricting the volume mount type used by pods + level: "3" + metadata.gatekeeper.sh/title: Volume Types + metadata.gatekeeper.sh/version: 1.0.0 + name-chinese: K8sPSPVolumeTypes + tag: Container/ApplicationSecurityPolicies + tag-chinese: Container/Application security policy + targetKind: Pod + type: security + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 2 + put: + tags: + - Policy Management + summary: Updating a Policy Definition + description: This API is used to update a policy definition. + operationId: UpdatePolicyDefination + parameters: + - name: policydefinitionid + in: path + description: Policy definition ID + required: true + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UCSConstraintTemplateTagRequest" + description: Request body for updating a policy definition + responses: + "200": + description: Policy definition updated + content: + "*/*": + schema: + type: object + application/json: + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: PUT + https://ucs.myhuaweicloud.com/v1/policydefinitions/{policydefinitionid} + x-request-examples-description-1: Updating a policy definition + x-request-examples-text-1: + tag: test + x-request-examples-1: + tag: test + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 1 + "/v1/policyinstances/{policyinstanceid}": + get: + tags: + - Policy Management + summary: Obtaining a Specific Policy Instance + description: This API is used to obtain a specific policy instance. + operationId: ShowPolicyInstance + parameters: + - name: policyinstanceid + in: path + description: Policy instance ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Policy instance details obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSConstraint" + application/json: + examples: + response: + value: + kind: K8sPSPVolumeTypes + apiVersion: constraints.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes-lmjw9v + uid: c38ecd83-b34d-11ee-a9a6-0255ac10004d + creationTimestamp: 2024-01-15 02:28:26.986054 +0000 UTC + updateTimestamp: 2024-01-15 02:28:26.986054 +0000 UTC + spec: + constraint: + kind: K8sPSPVolumeTypes + apiVersion: constraints.gatekeeper.sh/v1beta1 + metadata: + name: k8spspvolumetypes-lmjw9v + spec: + enforcementAction: deny + match: + kinds: + - kinds: + - Pod + namespaces: + - default + parameters: + volumes: + - "22" + domainID: 05495693d180d3c90f9ec0171879f760 + targetID: 9c819dca-9a81-11ee-b1ab-0255ac100040 + targetScope: fleet + constraintTemplateID: 26b13a89-cefa-11ed-9f2c-0255ac10003c + status: {} + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 5 + put: + tags: + - Policy Management + summary: Updating a Specific Policy Instance + description: This API is used to update a specific policy instance. + operationId: UpdatePolicyInstance + parameters: + - name: policyinstanceid + in: path + description: Policy instance ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UCSConstraintRequest" + description: Request body for updating a policy instance + responses: + "200": + description: ID of the job for updating a policy instance returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: ae4e4da4-92f7-48c9-822d-6a9978d30d16 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: PUT https://ucs.myhuaweicloud.com/v1/policyinstances/{policyinstanceid} + x-request-examples-description-1: Updating a specific policy instance + x-request-examples-text-1: + enforcementAction: warn + namespaces: + - default + parameters: + volumes: + - xxxxxx + constraintTemplateID: f1519ae2-adf8-11ed-9f9c-0255ac100186 + x-request-examples-1: + enforcementAction: warn + namespaces: + - default + parameters: + volumes: + - xxxxxx + constraintTemplateID: f1519ae2-adf8-11ed-9f9c-0255ac100186 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 6 + delete: + tags: + - Policy Management + summary: Deleting a Specific Policy Instance + description: This API is used to delete a specific policy instance. + operationId: DeletePolicyInstance + parameters: + - name: policyinstanceid + in: path + description: Policy instance ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: ID of the job for deleting the policy instance returned + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJobResp" + application/json: + examples: + response: + value: + jobID: c7678551-1f7e-4699-9ea1-3baa2d32f552 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 4 + /v1/policy/jobs: + get: + tags: + - Policy Management + summary: Obtaining the Policy Instance Job List + description: This API is used to obtain the policy instance job list. + operationId: ListPolicyJobs + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: kind + in: query + description: Job type. If no type is specified, the default value + **EnablePolicy** will be used. + required: false + schema: + type: string + responses: + "200": + description: Job list obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/JobList" + application/json: + examples: + response: + value: + items: + - kind: job + apiVersion: job.workflow.io/v1alpha1 + metadata: + name: UpdateConstraint_2ea2e874 + uid: c7678551-1f7e-4699-9ea1-3baa2d32f552 + creationTimestamp: 2025-11-10 07:24:03.529155 +0000 UTC + updateTimestamp: 2025-11-10 07:24:08.526889 +0000 UTC + spec: + taskList: + - kind: task + apiVersion: task.workflow.io/v1alpha1 + metadata: + name: be72df63-7dfa-426d-acc9-6c426c4e979c + uid: b387d7e9-b99f-4914-acf6-cd666b7473aa + creationTimestamp: 2025-11-10 07:24:03.536701 +0000 UTC + updateTimestamp: 2025-11-10 07:24:08.513561 +0000 UTC + spec: + jobID: c7678551-1f7e-4699-9ea1-3baa2d32f552 + target: be72df63-7dfa-426d-acc9-6c426c4e979c + targetType: cluster + type: UpdateConstraint + runway: parallel + waitTimeOut: 3600 + status: + status: Succeeded + startTime: 2025-11-10T15:24:03.553733+08:00 + finishTime: 2025-11-10T15:24:04.689462+08:00 + domainID: 05495693d180d3c90f9ec0171879f760 + operation: create + waitTimeOut: 3600 + type: UpdateConstraint + extendParam: + constraintID: eb6e4196-1508-49d3-98a5-ee656d146c4f + status: + status: Succeeded + startTime: 2025-11-10T15:24:03.540316+08:00 + finishTime: 2025-11-10T15:24:08.524767+08:00 + - kind: job + apiVersion: job.workflow.io/v1alpha1 + metadata: + name: CreateConstraint_a6b24118 + uid: 5b0367b3-6651-4cef-8a4b-f93f377db5a4 + creationTimestamp: 2025-11-10 07:23:12.442745 +0000 UTC + updateTimestamp: 2025-11-10 07:23:13.415506 +0000 UTC + spec: + taskList: + - kind: task + apiVersion: task.workflow.io/v1alpha1 + metadata: + name: be72df63-7dfa-426d-acc9-6c426c4e979c + uid: 866f323a-dbfa-4925-9324-f68c936c9992 + creationTimestamp: 2025-11-10 07:23:12.451539 +0000 UTC + updateTimestamp: 2025-11-10 07:23:13.406122 +0000 UTC + spec: + jobID: 5b0367b3-6651-4cef-8a4b-f93f377db5a4 + target: be72df63-7dfa-426d-acc9-6c426c4e979c + targetType: cluster + type: CreateConstraint + runway: parallel + waitTimeOut: 3600 + status: + status: Succeeded + startTime: 2025-11-10T15:23:12.60286+08:00 + finishTime: 2025-11-10T15:23:12.808264+08:00 + domainID: 05495693d180d3c90f9ec0171879f760 + operation: create + waitTimeOut: 3600 + type: CreateConstraint + relatedObjects: + fleet: 1bb7effb-2afc-4eb1-9818-8de8a2bd9c80 + extendParam: + constraintID: 5044f128-0162-489a-b00f-3880c3f47832 + status: + status: Succeeded + startTime: 2025-11-10T15:23:12.455389+08:00 + finishTime: 2025-11-10T15:23:13.414079+08:00 + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 8 + "/v1/policy/jobs/{jobid}": + get: + tags: + - Policy Management + summary: Obtaining the Job Related to a Specific Policy Instance + description: This API is used to obtain the job related to a specific policy instance. + operationId: ShowPolicyJob + parameters: + - name: jobid + in: path + description: Job ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Information about the job related to a specific policy instance + obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/UCSJob" + application/json: + examples: + response: + value: + kind: job + apiVersion: job.workflow.io/v1alpha1 + metadata: + name: UpdateConstraint_2ea2e874 + uid: c7678551-1f7e-4699-9ea1-3baa2d32f552 + creationTimestamp: 2025-11-10 07:24:03.529155 +0000 UTC + updateTimestamp: 2025-11-10 07:24:08.526889 +0000 UTC + spec: + taskList: + - kind: task + apiVersion: task.workflow.io/v1alpha1 + metadata: + name: be72df63-7dfa-426d-acc9-6c426c4e979c + uid: b387d7e9-b99f-4914-acf6-cd666b7473aa + creationTimestamp: 2025-11-10 07:24:03.536701 +0000 UTC + updateTimestamp: 2025-11-10 07:24:08.513561 +0000 UTC + spec: + jobID: c7678551-1f7e-4699-9ea1-3baa2d32f552 + target: be72df63-7dfa-426d-acc9-6c426c4e979c + targetType: cluster + type: UpdateConstraint + runway: parallel + waitTimeOut: 3600 + status: + status: Succeeded + startTime: 2025-11-10T15:24:03.553733+08:00 + finishTime: 2025-11-10T15:24:04.689462+08:00 + domainID: 05495693d180d3c90f9ec0171879f760 + operation: create + waitTimeOut: 3600 + type: UpdateConstraint + extendParam: + constraintID: eb6e4196-1508-49d3-98a5-ee656d146c4f + status: + status: Succeeded + startTime: 2025-11-10T15:24:03.540316+08:00 + finishTime: 2025-11-10T15:24:08.524767+08:00 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 7 + /v1/traffic/recordsets: + get: + tags: + - Traffic Management + summary: Querying the Record Set List + description: This API is used to query the record set list. + operationId: ListRecordSets + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Record set list returned + content: + "*/*": + schema: + $ref: "#/components/schemas/ListRecordSetResponseBody" + application/json: + examples: + response: + value: + links: + self: https://dns.cn-north-5.myhuaweicloud.com/v2.1/recordsets + next: "" + recordsets: + - id: ff80808293ee8d6b01940ceb75492ddc + name: wokao.abcdef.com. + description: "" + zone_id: ff8080828f71b6ee018f93f9dbb818cf + zone_name: abcdef.com. + type: A + ttl: 300 + records: + - 100.85.216.156 + create_at: "" + update_at: "" + default: false + project_id: 05495693df80d3c92fa1c01795c2be02 + weight: 1 + - id: 8abf68938cd86d00018d1d2acb184c23 + name: gfsdf.xxx42352353442.xxx434234234.com. + description: "" + zone_id: 8abf68938c33f127018c37c25cc71f08 + zone_name: xxx42352353442.xxx434234234.com. + type: A + ttl: 300 + records: + - 100.85.115.242 + create_at: "" + update_at: "" + default: false + project_id: 05495693df80d3c92fa1c01795c2be02 + weight: 1 + line: default_view + metadata: + total_count: 5 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "403": + description: The server refused the request. + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 37 + post: + tags: + - Traffic Management + summary: Creating a Record Set + description: This API is used to create a record set. + operationId: CreateRecordSet + parameters: + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + - name: X-Zone-Project-ID + in: header + description: Project ID + required: true + schema: + type: string + - name: X-Zone-ID + in: header + description: DNS zone ID + required: true + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + type: array + items: + $ref: "#/components/schemas/CreateRecordSetRequestBody" + description: Request body for creating a record set + required: true + responses: + "201": + description: Created record set returned + content: + "*/*": + schema: + type: array + items: + $ref: "#/components/schemas/RecordSet" + application/json: + examples: + response: + value: + - id: ff80808299859ea0019a6da52d3e7bb3 + name: xxx.test1110.com. + description: "" + zone_id: ff80808299859ea0019a6d1206716694 + zone_name: test1110.com. + type: A + ttl: 300 + records: + - 172.18.0.200 + create_at: "" + update_at: "" + default: false + project_id: 05495693df80d3c92fa1c01795c2be02 + weight: 1 + line: default_view + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/traffic/recordsets + x-request-examples-description-1: Creating a record set + x-request-examples-text-1: + - name: xxx.test1110.com. + type: A + ttl: 300 + records: + - 172.18.0.200 + line: default_view + weight: 1 + x-request-examples-1: + - name: xxx.test1110.com. + type: A + ttl: 300 + records: + - 172.18.0.200 + line: default_view + weight: 1 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 36 + /v1/addontemplates: + get: + tags: + - Add-on Management + summary: Obtaining the Add-on Template List + description: This API is used to obtain the add-on template list. + operationId: ListAddonTemplates + parameters: + - name: version + in: query + description: Add-on package version + required: false + schema: + type: string + - name: newest + in: query + description: Whether to obtain the latest status of the add-on created in the + cluster + required: false + schema: + type: string + - name: cluster_id + in: query + description: Cluster ID + required: false + schema: + type: string + - name: addon_template_name + in: query + description: Add-on template name + required: false + schema: + type: string + - name: base_update_addon_version + in: query + description: Earliest add-on version + required: false + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "200": + description: Add-on template list returned + content: + "*/*": + schema: + $ref: "#/components/schemas/AddonTemplateList" + application/json: + examples: + response: + value: + kind: Addon + apiVersion: v3 + items: + - kind: Addon + apiVersion: v3 + metadata: + uid: swr-kritis + name: swr-kritis + creationTimestamp: 2021-06-07T03:08:19Z + updateTimestamp: 2021-07-22T06:12:30Z + spec: + type: helm + labels: + - Maintenance + description: A component + versions: + - version: 1.0.1 + input: + basic: + image_version: 1.0.1 + platform: linux-amd64 + swr_addr: 100.79.1.215:20202 + swr_user: hwofficial + parameters: + custom: + kms: + key_id: 291bb3b7-c57f-45fb-8690-66f68a06de58,291bb3b7-c57f-45fb-8690-66f68a06de58 + verify_images: niuwz2-asm4a4-cer.swr.myhuaweicloud.com/test/*:*,niuwz2-asm4a4-cer.swr.myhuaweicloud.com/test2/*:* + flavor1: + description: Has only one instance + name: Single + replicas: 1 + resources: + - limitsCpu: 2000m + limitsMem: 256Mi + name: swr-kritis + requestsCpu: 200m + requestsMem: 64Mi + stable: true + translate: + en_US: + addon: + changeLog: add kritis + description: kritis plugin, signature + description: + Parameters.custom.kms.keyid: kms of key id, + 291bb3b7-c57f-45fb-8690-66f68a06de58,391aa321-az72-3fab-4680-12f58c1645g6 + Parameters.custom.verifyimages: verify signature of the blacklist, + test-asm4a4-cer.swr.myhuaweicloud.com/test/*:*,test-asm4a4-cer.swr.myhuaweicloud.com/test2/*:* + zh_CN: + addon: + changeLog: Added kritis + description: kritis add-on for signature verification + description: + Parameters.custom.kms.keyid.d: Key ID of the KMS signature. The format is + 291bb3b7-c57f-45fb-8690-66f68a06de58,391aa321-az72-3fab-4680-12f58c1645g6. + Parameters.custom.verifyimages: Blocklist that requires signature verification. + The format is + test-asm4a4-cer.swr.myhuaweicloud.com/test/*:*,test-asm4a4-cer.swr.myhuaweicloud.com/test2/*:*. + supportVersions: + - clusterType: VirtualMachine + clusterVersion: + - v1.(15|17|19).* + - clusterType: ARM64 + clusterVersion: + - v1.(15).* + creationTimestamp: 2021-06-08T14:02:02Z + updateTimestamp: 2021-06-09T12:29:07Z + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 5 + "/v1/clusters/{clusterid}/clusterconf": + post: + tags: + - UCS Clusters + summary: Obtaining the Configuration Required for Cluster Installation + description: This API is used to obtain the configuration required for cluster + installation (currently, only for on-premises clusters). + operationId: CreateClusterConf + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/RequiredInput" + description: Parameters entered by the user on the frontend + responses: + "200": + description: Configuration required for cluster installation returned + content: + "*/*": + schema: + type: object + additionalProperties: + type: object + properties: {} + application/json: + examples: + response: + value: + ACCESS_EXTERNAL_LOAD_BALANCE: false + CILIUM_IPV4POOL_CIDR: 10.16.0.0/16 + DNS_SERVER_IP: 3.1.1.1 + IAM_DOMAIN_ID: a934cc67ec7e4910b04098cc5689505b + IAM_ENDPOINT: https://iam.cn-north-5.ulanqab.huawei.com + IMAGES_PACKAGE_PATH: https://ucs-onprem.obs.cn-north-5.ulanqab.huawei.com/packages/ucs-onpremise/25.3.0/ucs-onpremise_images_25.3.0.2_amd64.tar.gz + INSTALL_NTP: false + MASTER-1: 1.1.1.1 + MASTER-2: 2.1.1.1 + MASTER-3: 3.1.1.1 + NETWORK_CIDR: 10.16.0.0/16 + NETWORK_PROVIDER: cilium + NTP_SERVER_IP: "null" + PACKAGE_PATH: https://ucs-onprem.obs.cn-north-5.ulanqab.huawei.com/packages/ucs-onpremise/25.3.0/ucs-onpremise_25.3.0.2_amd64.tar.gz + PROXY_MODE: ebpf + TAINT_MANAGE: yes + TIMEZONE: Asia/Shanghai + USERNAME: root + VIRTUAL_IP: 4.1.1.1 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/clusterconf + x-request-examples-description-1: Cluster configuration parameters entered by the user on the frontend + x-request-examples-text-1: + USERNAME: root + MASTER-1: 1.1.1.1 + MASTER-2: 2.1.1.1 + MASTER-3: 3.1.1.1 + ACCESS_EXTERNAL_LOAD_BALANCE: false + CILIUM_IPV4POOL_CIDR: 10.16.0.0/16 + NETWORK_CIDR: 10.16.0.0/16 + DNS_SERVER_IP: 3.1.1.1 + NTP_SERVER_IP: "null" + IAM_DOMAIN_ID: a934cc67ec7e4910b04098cc5689505b + x-request-examples-1: + USERNAME: root + MASTER-1: 1.1.1.1 + MASTER-2: 2.1.1.1 + MASTER-3: 3.1.1.1 + ACCESS_EXTERNAL_LOAD_BALANCE: false + CILIUM_IPV4POOL_CIDR: 10.16.0.0/16 + NETWORK_CIDR: 10.16.0.0/16 + DNS_SERVER_IP: 3.1.1.1 + NTP_SERVER_IP: "null" + IAM_DOMAIN_ID: a934cc67ec7e4910b04098cc5689505b + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 3 + /v1/serverconfig: + get: + tags: + - UCS Cluster + summary: Obtaining the Global Configuration of Each Type of Clusters + description: This API is used to obtain the global configuration of each cluster type. + operationId: ListServerConfigs + responses: + "200": + description: Global configuration parameters of the cluster obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/ServerConfig" + application/json: + examples: + response: + value: + onpremises: + versionsInfo: + - kubernetesVersion: 1.28.5 + releaseVersion: 25.3.0 + ucsctlDownloadURL: toolkits/ucs-ctl/ucsadm-25.3.0.2/amd64/ucs-ctl + arch: amd64 + obsEndpoint: https://ucs-onprem.obs.cn-north-5.ulanqab.huawei.com + packagePath: packages/ucs-onpremise/25.3.0/ucs-onpremise_25.3.0.2_amd64.tar.gz + imagesPackagePath: packages/ucs-onpremise/25.3.0/ucs-onpremise_images_25.3.0.2_amd64.tar.gz + - kubernetesVersion: 1.28.5 + releaseVersion: 25.3.0 + ucsctlDownloadURL: toolkits/ucs-ctl/ucsadm-25.3.0.2/arm64/ucs-ctl + arch: arm64 + obsEndpoint: https://ucs-onprem.obs.cn-north-5.ulanqab.huawei.com + packagePath: packages/ucs-onpremise/25.3.0/ucs-onpremise_25.3.0.2_arm64.tar.gz + imagesPackagePath: packages/ucs-onpremise/25.3.0/ucs-onpremise_images_25.3.0.2_arm64.tar.gz + federations: + versionsInfo: + - currentVersion: + FederationVersion: v1.10.7-r29 + targetVersions: + - FederationVersion: v1.10.7-t0813 + - currentVersion: + FederationVersion: v1.10.7-r27 + targetVersions: + - FederationVersion: v1.10.7-r28 + - currentVersion: + FederationVersion: v1.10.7-r28 + targetVersions: + - FederationVersion: v1.10.7-r29 + - currentVersion: + FederationVersion: 1.10.3-r10 + targetVersions: + - FederationVersion: v1.10.7-t0928 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 39 + "/v1/clusters/{clusterid}/kubeconfig": + post: + tags: + - UCS Clusters + summary: Obtaining the kubeconfig of a Cluster + description: This API is used to obtain the kubeconfig of a cluster. + operationId: CreateClusterKubeconfig + parameters: + - name: clusterid + in: path + description: Cluster ID + required: true + schema: + type: string + - name: X-Auth-Token + in: header + description: Identity authentication information. Requests for calling an API + can be authenticated using either a token or AK/SK. If token-based + authentication is used, this parameter is mandatory and must be set + to a user token. + required: false + schema: + type: string + responses: + "201": + description: The kubeconfig of the cluster obtained + content: + "*/*": + schema: + $ref: "#/components/schemas/KubeConfig" + application/json: + examples: + response: + value: + kind: Config + apiVersion: v1 + clusters: + - name: internalCluster + cluster: + server: https://192.168.0.18:5443 + certificate-authority-data: "*****" + - name: externalCluster + cluster: + server: https://100.93.8.56:5443 + insecure-skip-tls-verify: true + - name: externalClusterTLSVerify + cluster: + server: https://100.93.8.56:5443 + certificate-authority-data: "******" + users: + - name: user + user: + client-certificate-data: "******" + client-key-data: "******" + contexts: + - name: internal + context: + cluster: internalCluster + user: user + - name: external + context: + cluster: externalCluster + user: user + - name: externalTLSVerify + context: + cluster: externalClusterTLSVerify + user: user + current-context: external + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST https://ucs.myhuaweicloud.com/v1/clusters/{clusterid}/kubeconfig + x-request-examples-description-1: Obtaining the kubeconfig of a specific cluster + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 6 + "/v1/clustergroups/{clustergroupid}/federations/upgrade": + post: + tags: + - Fleets + summary: Upgrading the Federation + description: This API is used to upgrade the federation version. + operationId: UpgradeFederation + parameters: + - name: clustergroupid + in: path + description: Fleet ID + required: true + schema: + type: string + - name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBody: + content: + application/json: + schema: + $ref: "#/components/schemas/UpgradeFederationRequestBody" + description: Federation version upgrade request + responses: + "200": + description: Federated version upgraded + content: + "*/*": + schema: + type: object + application/json: + examples: + response: + value: {} + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "404": + description: Resources not found + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-request-examples-url-1: POST + https://ucs.myhuaweicloud.com/v1/clustergroups/{clustergroupid}/federations/upgrade + x-request-examples-description-1: Upgrading the federation to the target version + x-request-examples-text-1: + targetVersion: v1.10.7-t1023 + x-request-examples-1: + targetVersion: v1.10.7-t1023 + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 7 + "/v1/maintenance/quota/{domainid}": + get: + tags: + - Quota Management + summary: Obtaining Quota Information + description: This API is used to obtain UCS quota information. + operationId: ShowQuota + parameters: + - name: domainid + in: path + description: Domain ID + required: true + schema: + type: string + responses: + "200": + description: Quota information of the current tenant returned + content: + "*/*": + schema: + $ref: "#/components/schemas/CommonQuotaSet" + application/json: + examples: + response: + value: + quotas: + resources: + - type: cluster + quota: 75 + used: 8 + unit: "" + min: 20 + max: 100 + - type: clustergroup + quota: 50 + used: 2 + unit: "" + min: 20 + max: 100 + - type: rule + quota: 50 + used: 1 + unit: "" + min: 20 + max: 100 + - type: federation + quota: 10 + used: 1 + unit: "" + min: 1 + max: 50 + "400": + description: Client request error. The server could not execute the request. + content: + "*/*": + schema: + type: string + "403": + description: The server refused the request. + content: + "*/*": + schema: + type: string + "500": + description: Internal server error + content: + "*/*": + schema: + type: string + x-is-registered: Y + x-api-type: open-api + x-support-sdk: Y + x-order: 42 +x-produc-type: openapi +components: + parameters: + param_header_content_type: + name: Content-Type + in: header + description: Message body type (format). Only **application/json** is supported. + required: true + schema: + type: string + default: application/json + requestBodies: + UCSConstraintRequest: + content: + application/json: + schema: + $ref: "#/components/schemas/UCSConstraintRequest" + description: Request body for creating a policy instance + MutiWorkload: + content: + application/json: + schema: + $ref: "#/components/schemas/MutiWorkload" + description: Information about the workload to be created + schemas: + ClusterList: + type: object + required: + - items + properties: + items: + type: array + description: List of cluster members + items: + $ref: "#/components/schemas/Cluster" + total: + type: integer + description: Total number of clusters + description: "**ClusterList** is a list of member clusters." + RegisterCluster: + type: object + required: + - apiVersion + - kind + - metadata + - spec + properties: + kind: + type: string + description: Resource type. For a registered cluster, set this parameter to + **Cluster**. + apiVersion: + type: string + description: API version. The current version is **v1**. + metadata: + type: object + description: Cluster metadata information + properties: + uid: + type: string + description: 集群ID信息,仅在注册CCE导入集群时使用,其他类型集群无需填写。 + name: + type: string + description: CCE cluster name or a custom cluster name (for other types of + clusters). + labels: + type: object + description: Label information. This parameter can be left empty. If it is not + left empty, the value must comply with the Kubernetes label + specifications. A maximum of 100 labels can be added. + additionalProperties: + type: string + annotations: + type: object + description: >- + Cluster annotations information. + + + The **kubeconfig** field is mandatory for an attached cluster, and its value is the content of the kubeconfig file. For details about how to obtain the kubeconfig file, see [Obtaining the kubeconfig File](https://support.huaweicloud.com/intl/en-us/usermanual-ucs/ucs_01_0138.html). + additionalProperties: + type: string + required: + - name + spec: + type: object + description: Cluster specifications + properties: + clusterGroupID: + type: string + description: Container fleet ID + category: + type: string + description: Cluster type. The value must meet the requirements for **provider** + and **type**. For details, see [Cluster Categories and + Types](ucs_api_0024.xml). + type: + type: string + description: Cluster type. The value must meet the requirements for **provider** + and **category**. For details, see [Cluster Categories and + Types](ucs_api_0024.xml). + provider: + type: string + description: Provider. The value must the requirements for **category** and + **type**. For details, see [Cluster Categories and + Types](ucs_api_0024.xml). + x-optional: true + country: + type: string + description: Country code. For details, see [Country Codes](ucs_api_0022.xml). + x-optional: true + city: + type: string + description: City code. For details, see [City Codes](ucs_api_0023.xml). Only + cities in China are supported. If it is a foreign city, you do + not need to set this parameter. + region: + type: string + description: Region information. This parameter is only used when a cluster is + imported to CCE for registration. You can obtain the value from + the **region** field in the [API for querying CCE clusters that + have not been registered with UCS](ListManagedClusters.xml). + x-optional: true + projectID: + type: string + description: Project ID. This parameter is only used when a cluster is imported + to CCE for registration. You can obtain the value from the + **projectID** field in the [API for querying CCE clusters that + have not been registered with UCS](ListManagedClusters.xml). + manageType: + type: string + description: |- + Cluster type. + + - **grouped**: clusters added to a fleet + - **discrete**: clusters not in any fleet + required: + - category + - city + - country + - manageType + - provider + - type + description: Cluster information, such as expected status (for example, + synchronization mode) and cluster status (for example, version, node + status, and resource statistics). + LocalSecretReference: + required: + - Name + - NameSpace + properties: + namespace: + type: string + description: Resource namespace + name: + type: string + description: Resource name + description: "**LocalSecretReference** contains the secret information of the + credentials required for accessing the member clusters, for example, + **secret.data.token** and **secret.data.caBundle**." + ClusterResponse: + properties: + uid: + type: string + description: Cluster ID + description: Information returned after cluster registration + ObjectMeta: + type: object + properties: + uid: + type: string + description: Resource ID + name: + type: string + description: Resource name + generateName: + type: string + description: If no name is provided, the server uses the prefix to generate a + unique name. + namespace: + type: string + description: Namespace + labels: + type: object + description: Label + additionalProperties: + type: string + annotations: + type: object + description: Annotation + additionalProperties: + type: string + creationTimestamp: + type: string + description: Creation time + updateTimestamp: + type: string + description: Update time + resourceVersion: + type: string + description: Internal version of a resource + generation: + type: integer + format: int32 + description: Generation of the desired resource state + managedFields: + type: array + description: Fields managed by workflows + items: + $ref: "#/components/schemas/ManagedFieldsEntry" + ownerReferences: + type: array + description: Ownership, dependencies, and garbage collection mechanism of + objects. It supports resource management by the controller. + items: + $ref: "#/components/schemas/OwnerReference" + description: ObjectMeta is a metadata structure that must be contained in all + persistent resources in Kubernetes. + Endpoint: + properties: + url: + type: string + description: URL + type: + type: string + description: Port type + status: + type: string + description: Port status + description: Endpoint information, such as its URL, type, and status + ResourceSummary: + type: object + properties: + allocatable: + type: object + description: Allocable resources + additionalProperties: + type: object + properties: {} + allocating: + type: object + description: Resources in allocation + additionalProperties: + type: object + properties: {} + allocated: + type: object + description: Allocated resources + additionalProperties: + type: object + properties: {} + capacity: + type: object + description: Total resources + additionalProperties: + type: object + properties: {} + description: "**ResourceSummary** indicates the summary of resources in a member + cluster." + RegisterClusterGroup: + required: + - metadata + properties: + metadata: + $ref: "#/components/schemas/RegisterClusterGroupObjectMeta" + spec: + $ref: "#/components/schemas/RegisterClusterGroupSpec" + ClusterGroupResp: + properties: + uid: + type: string + description: Fleet UID + ClusterGroupSpec: + type: object + properties: + ruleNamespaces: + type: array + description: List of namespaces associated with a permission policy + items: + type: string + federationId: + type: string + description: Fleet federation ID + description: + type: string + description: Description + dnsSuffix: + type: array + description: DNS suffix of the federation corresponding to the fleet. This + parameter is visible after federation is enabled. + items: + type: string + federationExpirationTimestamp: + type: string + description: Federation expiration timestamp + policyId: + type: string + description: Policy ID + federationVersion: + type: string + description: Fleet federation version + connectGatewayEndpoints: + type: array + description: Gateway endpoints connected to the cluster federation. This + parameter has a value only when cluster federation is enabled. + items: + $ref: "#/components/schemas/ConnectEndpoint" + ClusterGroupList: + type: object + properties: + items: + type: array + description: Fleet list + items: + $ref: "#/components/schemas/ClusterGroup" + total: + type: integer + description: Total number of records on all pages + RuleResp: + type: object + properties: + uid: + type: string + description: Permission policy UID + RuleList: + type: object + properties: + items: + type: array + description: Permission policy list + items: + $ref: "#/components/schemas/Rule" + total: + type: integer + description: Total number of records on all pages + Taint: + required: + - Key + properties: + key: + type: string + description: Key + value: + type: string + description: Value + effect: + type: string + description: Effect information + timeadded: + type: string + format: date-time + description: Timestamp information + RegisterClusterGroupObjectMeta: + required: + - name + properties: + name: + type: string + description: Fleet name + description: Fleet metadata information + ConditionStatus: + type: object + properties: + type: + type: string + description: |- + Status type. Options: + - **Ready**: whether the cluster is available + - **Cluster**: network connection status of the cluster + - **Federation**: federation status of the cluster + x-api-type: open-api + status: + type: string + description: >- + Cluster status. Options: + + - **Ready**: + - **True**: The cluster is ready, healthy, and ready to receive workloads. + - **False**: The cluster is not ready. + - **Cluster**: + - **Initializing**: The cluster is being initialized. + - **Failed**: The cluster fails to be initialized because the cluster registration times out or the cluster version is not supported. + - **Available**: The cluster has been initialized and is available. + - **Unavailable**: The cluster is unavailable. + - **Unjoining**: The cluster is being removed from the fleet. + - **UnjoinFailed**: The cluster fails to be removed from the fleet. + - **UnjoinSuccess**: The cluster has been removed from the fleet. + - **Unregistering**: The cluster is being unregistered. + - **UnregisterFailed**: The cluster fails to be unregistered. + - **Federation**: + - **Federalized**: The cluster has been added to the federation. + - **Federalizing**: The cluster is being added to the federation. + - **Failed**: The cluster fails to be added to the federation. + - **Removing**: The cluster is being removed from the federation. + - **Abnormal**: The cluster in the federation is abnormal. + x-api-type: open-api + observedgeneration: + type: integer + format: int32 + description: Version of a status object + lastTransitionTime: + type: string + format: date-time + description: 上次状态更新的时间 + reason: + type: string + description: Cause of status + message: + type: string + description: Status information + NodeSummary: + type: object + properties: + totalNum: + type: integer + format: int32 + description: Number of all nodes in a cluster + readyNum: + type: integer + format: int32 + description: Number of ready nodes in a cluster + ClusterStatus: + type: object + properties: + kubernetesVersion: + type: string + description: Kubernetes version + conditions: + type: array + description: Cluster conditions + items: + $ref: "#/components/schemas/ConditionStatus" + nodeSummary: + $ref: "#/components/schemas/NodeSummary" + resourceSummary: + $ref: "#/components/schemas/ResourceSummary" + endpoints: + type: array + description: Endpoint + items: + $ref: "#/components/schemas/Endpoint" + phase: + type: string + description: Phase information + reason: + type: string + description: Reason of the last change + message: + type: string + description: Details about the last state transition + arrearFreeze: + type: string + description: Frozen due to arrears + policeFreeze: + type: string + description: Frozen for legal reasons + apiEnablements: + type: array + description: List of enabled resources + items: + $ref: "#/components/schemas/APIEnablement" + UpdateRuleRequestBody: + type: object + properties: + spec: + $ref: "#/components/schemas/RuleSpec" + Cluster: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **Cluster** and cannot be changed. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/ClusterSpec" + status: + $ref: "#/components/schemas/ClusterStatus" + ClusterSpec: + type: object + properties: + syncMode: + type: string + description: Synchronization mode between the cluster and the Karmada control + plane + clusterGroupID: + type: string + description: Fleet ID + manageType: + type: string + description: |- + Cluster type. + + - **grouped**: clusters added to a fleet + - **discrete**: clusters not in any fleet + ruleNamespaces: + type: array + description: List of namespaces associated with permission policies in a cluster + items: + $ref: "#/components/schemas/RuleNamespace" + apiEndpoint: + type: string + description: API server address + secretRef: + $ref: "#/components/schemas/LocalSecretReference" + insecureSkipTLSVerification: + type: boolean + description: Whether to skip HTTPS verification + proxyURL: + type: string + description: Proxy URL + provider: + type: string + description: Provider + type: + type: string + description: >- + Cluster type. Options: + + - Huawei Cloud clusters: **cce**, **turbo**, and **turbopro** + + - Partner cloud clusters: **ctc** and **cmc** + + - On-premises clusters: **baremetal**, **vmware**, and **agile** + + - Attached clusters: **ack**, **aks**, **eks**, **gke**, **tke**, **openshift**, and **privatek8s** + x-api-type: open-api + category: + type: string + description: |- + Cluster category. Options: + - **self**: Huawei Cloud clusters + - **partnercloud**: partner cloud clusters + - **onpremise**: on-premises clusters + - **attachedcluster**: attached clusters + x-api-type: open-api + enableDistMgt: + type: boolean + description: Whether CCE Turbo clusters can manage edge infrastructure + region: + type: string + description: Region + country: + type: string + description: Country + city: + type: string + description: City + projectID: + type: string + description: Project ID + projectName: + type: string + description: Project name + zone: + type: string + description: Region + taints: + type: array + description: Taint + items: + $ref: "#/components/schemas/Taint" + IsDownloadedCert: + type: boolean + description: Whether the certificate has been downloaded + policyId: + type: string + description: Policy ID + operatorNamespace: + type: string + description: Domain ID of the cluster + connectProxyEndpoints: + type: array + description: ID list of VPC endpoint services for connecting to the proxy + server. This field is returned only for non-Huawei Cloud clusters. + items: + $ref: "#/components/schemas/ConnectEndpoint" + UpdateObjectMeta: + properties: + annotations: + type: object + description: Cluster annotation + properties: {} + description: Object Meta Data + UpdateClusterSpec: + type: object + properties: + country: + type: string + description: Country where the cluster is located + city: + type: string + description: City where the cluster is located + UpdateClusterRequestBody: + type: object + required: + - apiVersion + - kind + properties: + kind: + type: string + description: API type. The value is fixed at **Cluster** and cannot be changed. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + metadata: + $ref: "#/components/schemas/UpdateObjectMeta" + spec: + $ref: "#/components/schemas/UpdateClusterSpec" + RegisterClusterGroupSpec: + type: object + properties: + clusterIds: + type: array + description: ID of the associated cluster + items: + type: string + description: + type: string + description: Fleet description + RuleSpec: + type: object + properties: + iamUserIDs: + type: array + description: 权限策略关联的IAM用户信息 + items: + type: string + type: + type: string + description: >- + Permission policy type. The value can be **readonly**, **develop**, + **admin**, or **custom**. + + - **admin**: administrator + + - **develop**: developer + + - **readonly**: read-only + + - **custom**: custom + x-api-type: open-api + contents: + type: array + description: Permission policy content + items: + $ref: "#/components/schemas/Content" + description: + type: string + description: Permission policy description + minLength: 0 + maxLength: 255 + CreateRuleObjectMeta: + type: object + required: + - name + properties: + name: + type: string + description: Permission policy name + minLength: 1 + maxLength: 63 + CreateRuleRequestBody: + type: object + required: + - metadata + - spec + properties: + metadata: + $ref: "#/components/schemas/CreateRuleObjectMeta" + spec: + $ref: "#/components/schemas/RuleSpec" + Rule: + type: object + properties: + kind: + type: string + description: API type. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/RuleSpec" + UpdateClusterGroupDescriptionRequest: + type: object + required: + - description + properties: + description: + type: string + description: Fleet description + UpdateClusterGroupAssociatedClustersRequestBody: + type: object + properties: + clusterIds: + type: array + description: Cluster IDs for updating information about clusters associated with + a fleet + items: + type: string + ClusterJoinGroupRequestBody: + type: object + required: + - clusterGroupID + properties: + clusterGroupID: + type: string + description: ID of the fleet that the cluster is added to + UpdateAssociatedRulesRequest: + type: object + properties: + ruleIDNamespaces: + type: array + description: Permission policy ID and namespaces related to the permission policy + items: + $ref: "#/components/schemas/RuleIDNamespaces" + ClusterGroupCondition: + type: object + properties: + type: + type: string + description: >- + Type of the federation or permission policy enabled for a fleet. + Options: + + - **Federation**: federations + + - **FedClusterConnection**: cluster connections + + - **Policy**: permission policies + x-api-type: open-api + status: + type: string + description: >- + Status of the federation or permission policy enabled for a fleet. + Options: + + - Federation statuses: + - **Creating**: The federation is being created. + - **CreateFailed**: The federation fails to be created. + - **Available**: The federation has been created and is available. + - **Connecting**: The cluster is being added to the federation. + - **Connected**: The cluster has been added to the federation. + - **Unavailable**: The federation is unavailable. + - **Failed**: The federation fails to be enabled. + - **Deleting**: The federation is being disabled. + - **DeleteFailed**: The federation fails to be disabled. + - **Upgrading**: The federation is being upgraded. + - **UpgradeFailed**: The federation fails to be upgraded. + - **Rollback**: The federation version is being rolled back. + - **RollbackFailed**: The federation version fails to be rolled back. + - **Freezed**: The federation has been frozen. + - **Freezing**: The federation is being frozen. + - **UnFreezing**: The federation is being unfrozen. + - Federation permission policy statuses: + - **Running**: The policy management is running. + - **Abnormal**: The policy management is abnormal. + - **Reconciling**: The policy management is being reconciled. + - **ReconcileFailed**: The policy management fails to be reconciled. + - **Closing**: The policy management is being disabled. + x-api-type: open-api + reason: + type: string + description: Cause of status + message: + type: string + description: Status information + lastTransitionTime: + type: string + format: date-time + description: Status update time + description: Federation or permission policy information for a fleet + ClusterGroup: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **ClusterGroup** and cannot be + changed. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/ClusterGroupSpec" + status: + $ref: "#/components/schemas/ClusterGroupStatus" + Content: + type: object + properties: + verbs: + type: array + description: Action list + items: + type: string + resources: + type: array + description: Resource list + items: + type: string + RuleIDNamespaces: + type: object + properties: + ruleIDs: + type: array + description: Permission policy ID + items: + type: string + namespaces: + type: array + description: Namespaces related to permission policies + items: + type: string + RuleInfo: + type: object + properties: + ruleID: + type: string + description: Permission policy ID + ruleName: + type: string + description: Permission policy name + RuleNamespace: + type: object + properties: + rules: + type: array + description: Permission policy list + items: + $ref: "#/components/schemas/RuleInfo" + namespaces: + type: array + description: Namespace list + items: + type: string + Job: + type: object + properties: + kind: + type: string + description: API type. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/JobSpec" + status: + $ref: "#/components/schemas/JobStatus" + example: >- + { + "kind": "Job", + "apiVersion": "v3", + "metadata": { + "uid": "70b5a14f-2fa4-11ee-bf07-0255ac1000b9", + "creationTimestamp": "2023-07-31 13:16:20.715779 +0000 UTC", + "updateTimestamp": "2023-07-31 13:17:24.497868 +0000 UTC", + "annotations": { + "currentTimestamp": "2023-07-31 13:17:24.933313136 +0000 UTC" + } + }, + "spec": { + "type": "CreateFederationContainer", + "federationUID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4", + "resourceID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4", + "resourceName": "70acf480-2fa4-11ee-ad1d-0255ac1001c4", + "subJobs": [ + { + "kind": "Job", + "apiVersion": "v3", + "metadata": { + "uid": "70b66b9a-2fa4-11ee-bf07-0255ac1000b9", + "creationTimestamp": "2023-07-31 13:16:20.740512 +0000 UTC", + "updateTimestamp": "2023-07-31 13:16:22.100528 +0000 UTC", + "annotations": { + "currentTimestamp": "2023-07-31 13:17:24.934274579 +0000 UTC" + } + }, + "spec": { + "type": "InstallFederationChart", + "federationUID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4" + }, + "status": { + "phase": "Success", + "completionTime": "2023-07-31 13:16:22.100528 +0000 UTC", + "startTime": "2023-07-31 13:16:22.100528 +0000 UTC" + } + }, + { + "kind": "Job", + "apiVersion": "v3", + "metadata": { + "uid": "70b66b68-2fa4-11ee-bf07-0255ac1000b9", + "creationTimestamp": "2023-07-31 13:16:20.736232 +0000 UTC", + "updateTimestamp": "2023-07-31 13:17:24.490359 +0000 UTC", + "annotations": { + "currentTimestamp": "2023-07-31 13:17:24.934277116 +0000 UTC" + } + }, + "spec": { + "type": "CreateNetworkResource", + "federationUID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4", + "extendParam": { + "JobExtendParamKeyElbID": "69694819-67dc-44ac-ab6e-9b18087c5c4c" + } + }, + "status": { + "phase": "Success", + "completionTime": "2023-07-31 13:17:24.490359 +0000 UTC", + "startTime": "2023-07-31 13:16:20.744891 +0000 UTC" + } + }, + { + "kind": "Job", + "apiVersion": "v3", + "metadata": { + "uid": "70b66afa-2fa4-11ee-bf07-0255ac1000b9", + "creationTimestamp": "2023-07-31 13:16:20.731295 +0000 UTC", + "updateTimestamp": "2023-07-31 13:16:22.100452 +0000 UTC", + "annotations": { + "currentTimestamp": "2023-07-31 13:17:24.934288685 +0000 UTC" + } + }, + "spec": { + "type": "CreateCert", + "federationUID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4" + }, + "status": { + "phase": "Success", + "completionTime": "2023-07-31 13:16:22.100452 +0000 UTC", + "startTime": "2023-07-31 13:16:22.100452 +0000 UTC" + } + }, + { + "kind": "Job", + "apiVersion": "v3", + "metadata": { + "uid": "70b66ad0-2fa4-11ee-bf07-0255ac1000b9", + "creationTimestamp": "2023-07-31 13:16:20.726434 +0000 UTC", + "updateTimestamp": "2023-07-31 13:16:22.093902 +0000 UTC", + "annotations": { + "currentTimestamp": "2023-07-31 13:17:24.934291673 +0000 UTC" + } + }, + "spec": { + "type": "CreateNode", + "federationUID": "70acf480-2fa4-11ee-ad1d-0255ac1001c4" + }, + "status": { + "phase": "Success", + "completionTime": "2023-07-31 13:16:22.093902 +0000 UTC", + "startTime": "2023-07-31 13:16:20.745187 +0000 UTC" + } + } + ] + }, + "status": { + "phase": "Success", + "completionTime": "2023-07-31 13:17:24.497868 +0000 UTC", + "startTime": "2023-07-31 13:16:20.721007 +0000 UTC" + } + } + JobSpec: + type: object + properties: + type: + type: string + description: |- + Job type. Options: + - **CreateFederation**: creates a federation. + - **DeleteFederation**: deletes a federation. + - **UpgradeFederation**: upgrades a federation. + - **RollbackFederation**: rolls back a federation. + x-api-type: open-api + federationUID: + type: string + description: 联邦uid + resourceID: + type: string + description: 资源id + resourceName: + type: string + description: 资源名字 + extendparam: + type: object + description: Extended parameter + additionalProperties: + type: string + subJobs: + type: array + description: 子Job + items: + $ref: "#/components/schemas/Job" + JobStatus: + type: object + properties: + phase: + type: string + description: Job phase + reason: + type: string + description: Job reason + completionTime: + type: string + description: Job完成时间 + startTime: + type: string + description: Job开始时间 + UpdateAssociatedZonesRequest: + type: object + properties: + dnsSuffix: + type: array + description: DNS suffix used to change the root domain name for access + items: + type: string + APIResource: + type: object + properties: + name: + type: string + description: Resource name + kind: + type: string + description: Resource category + APIEnablement: + type: object + properties: + groupVersion: + type: string + description: Resource group version + resources: + type: array + description: Resource type and name + items: + $ref: "#/components/schemas/APIResource" + ClusterGroupStatus: + type: object + properties: + conditions: + type: array + items: + $ref: "#/components/schemas/ClusterGroupCondition" + NetworkConfig: + type: object + properties: + podCIDR: + type: string + description: Pod CIDR block + serviceCIDR: + type: string + description: Service CIDR block + WorkerConfig: + type: object + properties: + replicas: + type: integer + format: int32 + description: Number of nodes + strategy: + $ref: "#/components/schemas/NodeUpgradeStrategy" + NodeUpgradeStrategy: + type: object + properties: + type: + type: string + description: |- + Policy type. Options: + - **RollingUpdate**: rolling updates + - **OnDelete**: updates after deletion + default: RollingUpdate + x-api-type: open-api + rollingUpdate: + $ref: "#/components/schemas/RollingUpdateNodeUpgradeStrategy" + description: Node update policy + RollingUpdateNodeUpgradeStrategy: + type: object + properties: + maxUnavailable: + type: object + description: Maximum number of nodes that can be unavailable during an update + properties: {} + maxSurge: + type: object + description: Maximum number of nodes that can be created over the desired number + of nodes + properties: {} + deletePolicy: + type: string + description: Deletion policy. The options are **Random**, **Oldest**, and + **Newest**. + CreateFederationCertRequestBody: + type: object + required: + - duration + - projectID + - subnetID + - vpcID + properties: + projectID: + type: string + description: Project ID + vpcID: + type: string + description: VPC ID, which must belong to the project specified by **projectID**. + subnetID: + type: string + description: Subnet ID, which must belong to the VPC specified by **vpcID**. + duration: + type: integer + format: int32 + description: Validity period of the certificate in kubeconfig, in days + minimum: 1 + maximum: 1825 + description: Request body for downloading federation kubeconfig + CreateFederationConnectionRequestBody: + type: object + required: + - projectID + - subnetID + - vpcID + properties: + projectID: + type: string + description: Project ID + vpcID: + type: string + description: VPC ID, which must belong to the project specified by **projectID**. + subnetID: + type: string + description: Network ID of the subnet. The subnet must be in the VPC specified + by **vpcID**. + description: Request body for creating a federation connection + VPCEPEndpoint: + type: object + required: + - id + properties: + id: + type: string + description: VPC endpoint ID + DownloadFederationKubeconfigRequestBody: + type: object + required: + - duration + properties: + duration: + type: integer + format: int32 + description: Validity period of a kubeconfig certificate + minimum: 1 + maximum: 1825 + description: Request body for downloading a federation kubeconfig certificate + RegisteredClusterVersions: + type: object + required: + - versions + properties: + versions: + type: array + description: Cluster version list + items: + type: string + ConnectEndpoint: + type: object + properties: + type: + type: string + description: Currently, only **VPCEP** is supported. + name: + type: string + description: Resource name. When **type** is set to **VPCEP**, the value is the + VPCEP service name. + id: + type: string + description: Resource ID. When **type** is set to **VPCEP**, the value is the + VPCEP service ID. + region: + type: string + description: Region where the resource is located + description: Endpoint information + ClusterCert: + type: object + properties: + server: + type: string + description: Server address + certificate-authority-data: + type: string + description: Certificate authorization data + insecure-skip-tls-verify: + type: boolean + description: Whether to skip server certificate verification + NamedCluster: + type: object + properties: + name: + type: string + description: Cluster name + cluster: + $ref: "#/components/schemas/ClusterCert" + description: Cluster information + AuthInfo: + type: object + properties: + client-certificate-data: + type: string + description: Client certificate + client-key-data: + type: string + description: PEM encoding data from the TLS client key file + token: + type: string + description: Authentication token + description: User authentication information + NamedAuthInfo: + type: object + properties: + name: + type: string + description: User name + user: + $ref: "#/components/schemas/AuthInfo" + Context: + type: object + properties: + cluster: + type: string + description: Cluster context + user: + type: string + description: User context + description: Context information + NamedContext: + type: object + properties: + name: + type: string + description: Context name + context: + $ref: "#/components/schemas/Context" + description: Context + KubeConfig: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **Config** and cannot be changed. + apiVersion: + type: string + description: API version. The value is fixed at **v1** and cannot be changed. + clusters: + type: array + description: Cluster list + items: + $ref: "#/components/schemas/NamedCluster" + users: + type: array + description: Certificate information and client key information of a specified + user + items: + $ref: "#/components/schemas/NamedAuthInfo" + contexts: + type: array + description: Context list + items: + $ref: "#/components/schemas/NamedContext" + current-context: + type: string + description: Current context + UCSJobResp: + type: object + properties: + jobID: + type: string + description: Job ID + ReleaseParams: + type: object + properties: + dry_run: + type: boolean + description: Whether to simulate only the installation process + replace: + type: boolean + description: Whether to allow the reuse of existing names + recreate: + type: boolean + description: Whether to forcibly recreate resources + no_hooks: + type: boolean + description: Whether hooks are forbidden + reset_values: + type: boolean + description: Used for resetting **values** during the update + name_template: + type: string + description: Name template of the resources to be published + release_version: + type: integer + format: int32 + description: Source version for rollback + include_hooks: + type: boolean + description: Whether hooks are allowed during the update or deletion + AddonInstanceSpec: + type: object + properties: + clusterID: + type: string + description: Cluster ID + version: + type: string + description: Add-on version + addonTemplateName: + type: string + description: Add-on template name + addonTemplateType: + type: string + description: Add-on template type + addonTemplateLogo: + type: string + description: Add-on template logo + addonTemplateLabels: + type: array + description: Add-on template label + items: + type: string + description: + type: string + description: Description + values: + type: object + description: Add-on instance configuration parameters + additionalProperties: + type: object + properties: {} + parameters: + $ref: "#/components/schemas/ReleaseParams" + namespace: + type: string + description: Namespace + description: Add-on instance information + AddonVersion: + type: object + properties: + id: + type: string + description: Add-on package version ID + version: + type: string + description: Add-on version + input: + type: object + description: Input + additionalProperties: + type: object + properties: {} + stable: + type: boolean + description: Whether the add-on version is a stable release + translate: + type: object + description: Translation information used by the GUI + additionalProperties: + type: object + properties: {} + supportVersions: + type: array + description: Supported cluster types and versions + items: + $ref: "#/components/schemas/SupportVersion" + creationTimestamp: + type: string + description: Record creation time + updateTimestamp: + type: string + description: Record update time + description: Add-on version information + AddonInstanceStatus: + type: object + properties: + status: + type: string + description: Status + Reason: + type: string + description: Reason for the change + message: + type: string + description: Change details + targetVersions: + type: array + description: Target version + items: + type: string + currentVersion: + $ref: "#/components/schemas/AddonVersion" + description: Add-on instance status + SupportVersion: + type: object + properties: + category: + type: string + description: Supported cluster category + clusterType: + type: string + description: Supported cluster types (such as **BareMetal**, **VirtualMachine**, + and **Windows**) + clusterVersion: + type: array + description: Supported cluster versions (regular expressions are supported, for + example, .* matches all cluster versions) + items: + type: string + description: Supported cluster types (such as **BareMetal**, **VirtualMachine**, + and **Windows**) and supported cluster versions (Regular expressions are + supported. For example, .* matches all cluster versions.) + AddonInstance: + type: object + required: + - apiVersion + - kind + - metadata + properties: + kind: + type: string + description: API type. The value must be **Addon**. + apiVersion: + type: string + description: API version. The value must be **v3**. + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/AddonInstanceSpec" + status: + $ref: "#/components/schemas/AddonInstanceStatus" + CreateConfigSetRequestBody: + type: object + required: + - name + - namespace + properties: + name: + type: string + description: Configuration set name + namespace: + type: string + description: Namespace + configSetType: + type: string + description: Configuration set type + repoName: + type: string + description: Source code repository name + bucketSpec: + type: object + description: Basic information about an OBS bucket + properties: {} + helmChartSpec: + type: object + description: Helm chart specification + properties: {} + gitRepositorySpec: + $ref: "#/components/schemas/GitRepositorySpec" + helmRepositorySpec: + type: object + description: Basic information about the Helm repository + properties: {} + kustomizationSpec: + $ref: "#/components/schemas/KustomizationSpec" + clusterInfo: + $ref: "#/components/schemas/ClusterInfo" + secretInfo: + $ref: "#/components/schemas/SecretInfo" + description: Request for creating a configuration set + GitRepositorySpec: + type: object + properties: + url: + type: string + description: Git repository address + ref: + $ref: "#/components/schemas/GitRepositoryRef" + secretRef: + $ref: "#/components/schemas/LocalObjectReference" + interval: + type: string + description: Interval for periodically checking repository updates. For example, + **1m** indicates 1 minute. + timeout: + type: string + description: Timeout duration for Git operations (such as clone). The default + value is 60 seconds. + GitRepositoryRef: + type: object + properties: + branch: + type: string + description: Git branch to be checked out. If no other fields are defined, the + **master** branch is checked out by default. + KustomizationSpec: + type: object + properties: + path: + type: string + description: Path of the **kustomization.yaml** file + interval: + type: string + description: Interval at which the controller executes kustomization + synchronization and verification + timeout: + type: string + description: Timeout for the verification, application, and health check + operations + sourceRef: + $ref: "#/components/schemas/SourceRef" + targetNamespace: + type: string + description: Namespace to be set or overridden in the **kustomization.yaml** file + prune: + type: boolean + description: Whether to enable garbage collection + SourceRef: + type: object + required: + - kind + - name + properties: + kind: + type: string + description: Type of the referent. The value must be **OCIRepository**, + **GitRepository**, or **Bucket**. + name: + type: string + description: Referent name + CreateConfigSetResponseBody: + type: object + properties: + uid: + type: string + description: Configuration set ID + ConfigSetResponse: + type: object + properties: + uid: + type: string + description: Configuration set UID + name: + type: string + description: Configuration set name + namespace: + type: string + description: Namespace + configSetType: + type: string + description: Configuration set type + repoName: + type: string + description: Repository name + bucket: + type: object + description: Basic bucket information + properties: {} + helmChart: + type: object + description: Basic information about a Helm chart + properties: {} + gitRepository: + $ref: "#/components/schemas/GitRepository" + helmRepository: + type: object + description: Helm repository information such as its definition and status + properties: {} + repoStatus: + type: string + description: Repository status + helmRelease: + type: object + description: Release configuration and status of a Helm chart + properties: {} + kustomization: + $ref: "#/components/schemas/Kustomization" + configSetStatus: + type: string + description: Configuration set status + clusterInfo: + $ref: "#/components/schemas/ClusterInfo" + secretInfo: + $ref: "#/components/schemas/SecretInfo" + GitRepository: + type: object + properties: + metadata: + $ref: "#/components/schemas/GitRepositoryMetaData" + spec: + $ref: "#/components/schemas/GitRepositorySpec" + status: + $ref: "#/components/schemas/GitRepositoryStatus" + GitRepositoryMetaData: + type: object + properties: + name: + type: string + description: Repository name + namespace: + type: string + description: Namespace + uid: + type: string + description: UID + resourceVersion: + type: string + description: Internal version ID of a resource. It is used for concurrency + control. + generation: + type: integer + format: int32 + description: Generation of the desired resource state. The value increases each + time the **spec** is modified. + creationTimestamp: + type: string + description: Creation time + finalizers: + type: array + description: Cleanup operations before the deletion + items: + type: string + managedFields: + type: array + description: Used to trace resource field management permissions and record the + manager of each field + items: + $ref: "#/components/schemas/ManagedFieldsEntry" + LocalObjectReference: + type: object + properties: + name: + type: string + description: Referent name + GitRepositoryStatus: + type: object + properties: + observedGeneration: + type: integer + format: int32 + description: Version of the GitRepository processed by the controller last time + conditions: + type: array + description: Current GitRepository condition set, which includes different + states of an object + items: + type: object + properties: {} + artifact: + $ref: "#/components/schemas/Artifact" + Artifact: + type: object + properties: + path: + type: string + description: Relative file path of the artifact + url: + type: string + description: HTTP address, which can be used to download or access the artifact + content + revision: + type: string + description: Version identifier + digest: + type: string + description: File digest, in the format of : + lastUpdateTime: + type: string + description: Last update time + size: + type: integer + format: int32 + description: File size, in bytes + KustomizationMetaData: + type: object + properties: + name: + type: string + description: Kustomization name + namespace: + type: string + description: Namespace + uid: + type: string + description: UID + resourceVersion: + type: string + description: Internal version ID of a resource. It is used for concurrency + control. + generation: + type: integer + format: int32 + description: Generation of the desired resource state. The value increases each + time the **spec** is modified. + creationTimestamp: + type: string + description: Creation time + finalizers: + type: array + description: Cleanup operations before the deletion + items: + type: string + KustomizationStatus: + type: object + properties: + observedGeneration: + type: integer + format: int32 + description: Last reconciled generation, which identifies the object generation + processed by the controller + conditions: + type: array + description: Status condition list of the current object + items: + type: object + properties: {} + lastAttemptedRevision: + type: string + description: Revision of the last reconciliation attempt + Kustomization: + type: object + properties: + metadata: + $ref: "#/components/schemas/KustomizationMetaData" + spec: + $ref: "#/components/schemas/KustomizationSpec" + status: + $ref: "#/components/schemas/KustomizationStatus" + ClusterInfo: + type: object + properties: + clusterID: + type: string + description: Cluster ID + clusterName: + type: string + description: Cluster name + clusterPath: + type: string + description: Cluster path + SecretInfo: + type: object + properties: + authMode: + type: string + description: Authentication mode + secret: + type: object + description: Secret that stores the authentication credential + properties: {} + ConfigSetListResponse: + type: object + properties: + items: + type: array + description: Configuration set list + items: + $ref: "#/components/schemas/ConfigSetResponse" + total: + type: integer + format: int32 + description: Total number of configuration sets that meet the search criteria + OverviewReconcileStatus: + type: object + properties: + configSetTotalNum: + type: integer + format: int32 + description: Total number of configuration sets + healthStatusNum: + type: integer + format: int32 + description: The number of healthy configuration sets + failedStatusNum: + type: integer + format: int32 + description: The number of failed configuration sets + unknownStatusNum: + type: integer + format: int32 + description: The number of unknown configuration sets + progressingStatusNum: + type: integer + format: int32 + description: The number of configuration sets being processed + ClusterReconcileStatus: + type: object + properties: + clusterID: + type: string + description: Cluster ID + configSetTotalNum: + type: integer + format: int32 + description: Total number of configuration sets in a cluster + healthStatusNum: + type: integer + format: int32 + description: The number of healthy configuration sets + failedStatusNum: + type: integer + format: int32 + description: The number of failed configuration sets + unknownStatusNum: + type: integer + format: int32 + description: The number of unknown configuration sets + progressingStatusNum: + type: integer + format: int32 + description: The number of configuration sets being processed + k8sResourceNum: + type: integer + format: int32 + description: The number of Kubernetes resources associated with a cluster + sourceRepoNum: + type: integer + format: int32 + description: The number of source code repositories associated with a cluster + description: Comprehensive status overview of a specific cluster + ConfigSetStatisticsResponse: + type: object + properties: + overviewStatus: + $ref: "#/components/schemas/OverviewReconcileStatus" + items: + type: array + description: Configuration set status of each cluster + items: + $ref: "#/components/schemas/ClusterReconcileStatus" + total: + type: integer + format: int32 + description: Total number of records on all pages + UpdateConfigSetRequestBody: + type: object + properties: + name: + type: string + description: Configuration set name + namespace: + type: string + description: Namespace + helmReleaseSpec: + type: object + description: Helm chart–based deployment configuration (Currently, + **HelmRelease** is not supported.) + properties: {} + kustomizationSpec: + $ref: "#/components/schemas/KustomizationSpec" + RepoResponse: + type: object + properties: + uid: + type: string + description: Repository UID + name: + type: string + description: Repository name + repoType: + type: string + description: Repository type. The value can be **Bucket**, **HelmChart**, + **GitRepository**, or **HelmRepository**. Currently, only + **GitRepository** is supported. + namespace: + type: string + description: Namespace + gitRepository: + $ref: "#/components/schemas/GitRepository" + repoStatus: + type: string + description: Repository status. The value can be **Health**, **Failed**, + **Unknown**, or **Progressing**. + clusterInfo: + $ref: "#/components/schemas/ClusterInfo" + secretInfo: + $ref: "#/components/schemas/SecretInfo" + ManagedFieldsEntry: + type: object + properties: + manager: + type: string + description: Manager name + operation: + type: string + description: Operation type that causes this entry being created. The value can + only be **Apply** or **Update**. + apiVersion: + type: string + description: Resource API version used by a manager for defining fields + time: + type: string + description: Timestamp when this entry was created or last updated + fieldsType: + type: string + description: Field structure format. The value is fixed at "FieldsV1". + fieldsV1: + type: object + description: Information about the managed fields + properties: {} + description: Record of the field ownership automatically maintained by the API + server. The record is used for conflict detection and field-level + concurrency management of Server-Side Apply. + RepoResponseList: + type: object + properties: + items: + type: array + description: Repository source information list + items: + $ref: "#/components/schemas/RepoResponse" + total: + type: integer + format: int32 + description: Total number of records on all pages + UpdateRepoRequestBody: + type: object + properties: + name: + type: string + description: Repository name + namespace: + type: string + description: Namespace + repoType: + type: string + description: Repository type. The value can be **Bucket**, **HelmChart**, + **GitRepository**, or **HelmRepository**. Currently, only + **GitRepository** is supported. + gitRepositorySpec: + $ref: "#/components/schemas/GitRepositorySpec" + secretInfo: + $ref: "#/components/schemas/SecretInfo" + CreateRepoRequestBody: + type: object + properties: + name: + type: string + description: Repository name + namespace: + type: string + description: Namespace + gitRepositorySpec: + $ref: "#/components/schemas/GitRepositorySpec" + secretInfo: + $ref: "#/components/schemas/SecretInfo" + clusterInfo: + $ref: "#/components/schemas/ClusterInfo" + CreateRepoResponseBody: + type: object + properties: + uid: + type: string + description: Repository ID + PodList: + type: object + properties: + metadata: + $ref: "#/components/schemas/ListMeta" + items: + type: array + description: Pod list + items: + $ref: "#/components/schemas/Pod" + ListMeta: + type: object + properties: + resourceVersion: + type: string + description: Server's internal version + continue: + type: string + description: Whether there is data on the next page that needs to be returned + remainingItemCount: + type: string + description: The number of items in the list that are not included in this + response + Pod: + type: object + properties: + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/PodSpec" + status: + $ref: "#/components/schemas/PodStatus" + OwnerReference: + type: object + properties: + apiVersion: + type: string + description: API version of the referent + kind: + type: string + description: Type of the referent + name: + type: string + description: Name of the referent + uid: + type: string + description: UID of the referent + controller: + type: boolean + description: If the value is **true**, this reference points to the controller + that manages the resource. + blockOwnerDeletion: + type: boolean + description: If the value is **true** and the owner has a finalizer named + **foregroundDeletion**, the owner cannot be deleted until this + reference is removed. + description: Owner object of a resource. It provides enough information for you + to identify and associate the ownership between resources. + PodSpec: + type: object + properties: + volumes: + type: array + description: List of storage volumes that can be mounted to a pod + items: + type: object + properties: {} + containers: + type: array + description: List of service containers in a pod + items: + type: object + properties: {} + restartPolicy: + type: string + description: Container restart policy after failures + terminationGracePeriodSeconds: + type: integer + format: int32 + description: The time to wait for a container to shut down gracefully before it + is forcefully killed + activeDeadlineSeconds: + type: integer + format: int32 + description: Maximum lifetime of a pod on a node + dnsPolicy: + type: string + description: DNS policy + nodeSelector: + type: object + description: Node selector, which is used to specify nodes where pods can be + scheduled + additionalProperties: + type: string + serviceAccountName: + type: string + description: Name of the ServiceAccount used to run a pod + serviceAccount: + type: string + description: The ServiceAccount field of the earlier version for backward + compatibility + automountServiceAccountToken: + type: boolean + description: Whether the ServiceAccount token is automatically mounted to the pod + nodeName: + type: string + description: Node where a pod should be scheduled + securityContext: + type: object + description: Pod-level security context + properties: {} + schedulerName: + type: string + description: Scheduler that will dispatch a pod + tolerations: + type: array + description: List of taints tolerated by a container + items: + $ref: "#/components/schemas/Toleration" + priority: + type: integer + format: int32 + description: Pod priority + enableServiceLinks: + type: boolean + description: Whether the service information is injected into the environment + variables of a pod + preemptionPolicy: + type: string + description: Priority-based preemption policy + description: PodSpec is the core data structure that describes a pod in Kubernetes. + Toleration: + type: object + properties: + key: + type: string + description: Key name of the taint to be tolerated + operator: + type: string + description: Relationship between the key and value. The value can be **Exists** + or **Equal**. The default value is **Equal**. + value: + type: string + description: Taint value to be matched. When **Operator** is set to **Exists**, + **Value** must be empty. + effect: + type: string + description: Taint effect to be matched. The value can be **NoSchedule**, + **PreferNoSchedule**, or **NoExecute**. If the value is empty, all + effects are matched. + tolerationSeconds: + type: integer + format: int32 + description: Duration during which a pod can tolerate a taint. This parameter is + valid only for **NoExecute**. + description: Pod taint toleration + PodStatus: + type: object + properties: + phase: + type: string + description: >- + Where the pod is in its lifecycle. Options: + + - **Pending**: The pod has been accepted but is not ready. + + - **Running**: The pod has been bound to a node and at least one container is running. + + - **Succeeded**: All containers in the pod have been terminated and will not be restarted. + + - **Failed**: At least one container in the pod failed to be terminated. + + - **Unknown**: The pod status cannot be obtained. + x-api-type: open-api + hostIP: + type: string + description: IP address of the host where the pod is assigned + startTime: + type: string + description: Time at which the pod was acknowledged by kubelet + containerStatuses: + type: array + description: Container status list + items: + $ref: "#/components/schemas/ContainerStatus" + description: Pod status information + ContainerStatus: + type: object + properties: + name: + type: string + description: Container name + state: + type: object + description: Current container status + properties: {} + lastState: + type: string + description: The status of a container after it has terminated + ready: + type: boolean + description: Whether a container passes the readiness probe + restartCount: + type: integer + format: int32 + description: The number of container restarts + image: + type: string + description: Name of the image for running a container + imageID: + type: string + description: ID of the image for running a container + started: + type: string + description: Whether a container has been started and is running stably + description: Current container status + MutiWorkload: + type: object + properties: + kind: + type: string + description: >- + Resource type. Options: + + - **Deployment**: manages stateless applications. + + - **Service**: implements service discovery and load balancing. + + - **Ingress**: manages external HTTP/HTTPS access to services in a cluster. + + - **ConfigMap**: stores non-sensitive configuration data. + + - **Secret**: stores sensitive information. + + - **Job**: runs one-off tasks. + + - **StatefulSet**: manages stateful applications. + + - **DaemonSet**: runs a pod on each node. + + - **PersistentVolumeClaim**: applies for and uses persistent storage resources. + x-api-type: open-api + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + template: + type: object + description: Application template to be deployed + properties: {} + propagationPolicy: + $ref: "#/components/schemas/PropagationPolicy" + overridePolicy: + $ref: "#/components/schemas/OverridePolicy" + resourceBinding: + $ref: "#/components/schemas/ResourceBinding" + PropagationSpec: + type: object + properties: + resourceSelectors: + type: array + description: Resource selector, which is used to select resources to be + propagated. + items: + $ref: "#/components/schemas/ResourceSelector" + propagateDeps: + type: boolean + description: Whether to automatically propagate the referent. + placement: + $ref: "#/components/schemas/Placement" + priority: + type: integer + format: int32 + description: Policy priority. The default value is **0**. + schedulerName: + type: string + description: Scheduler name. The default value is **default-scheduler**. + PropagationPolicy: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **PropagationPolicy**. + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/PropagationSpec" + ResourceSelector: + type: object + properties: + apiVersion: + type: string + description: API version of the target resource + kind: + type: string + description: Type of the target resource + namespace: + type: string + description: Name of the target resource + name: + type: string + description: Namespace of the target resource + Placement: + type: object + properties: + clusterAffinity: + $ref: "#/components/schemas/ClusterAffinity" + clusterTolerations: + type: array + description: Cluster tolerance rule + items: + $ref: "#/components/schemas/Toleration" + replicaScheduling: + type: object + description: The way how to allocate replicas across member clusters + properties: {} + ClusterAffinity: + type: object + properties: + clusterNames: + type: array + description: List of cluster names to be selected + items: + type: string + exclude: + type: array + description: List of cluster names to be excluded + items: + type: string + OverridePolicy: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **OverridePolicy**. + apiVersion: + type: string + description: API version + spec: + $ref: "#/components/schemas/OverrideSpec" + OverrideSpec: + type: object + properties: + resourceSelectors: + type: array + description: Resource selector, which restricts the resource types that the + override policy is applied to + items: + $ref: "#/components/schemas/ResourceSelector" + overriders: + type: object + description: Override rule that will be applied to resources + properties: {} + ResourceBindingSpec: + type: object + properties: + resource: + type: object + description: Kubernetes resource reference to be propagated + properties: {} + propagateDeps: + type: boolean + description: Whether to automatically propagate related resources + replicaRequirements: + type: object + description: Requirements for each replica + properties: {} + replicas: + type: integer + format: int32 + description: The number of replicas to be created + placement: + $ref: "#/components/schemas/Placement" + clusters: + type: array + description: Target member cluster list + items: + $ref: "#/components/schemas/TargetCluster" + ResourceBinding: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **ResourceBinding**. + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/ResourceBindingSpec" + status: + $ref: "#/components/schemas/ResourceBindingStatus" + TargetCluster: + type: object + properties: + name: + type: string + description: Name of the target cluster + replicas: + type: integer + format: int32 + description: The number of replicas created in a cluster + ResourceBindingStatus: + type: object + properties: + schedulerObservedGeneration: + type: integer + format: int32 + description: Generation of the resource observed by the scheduler + conditions: + type: array + description: Resource status conditions + items: + $ref: "#/components/schemas/ConditionStatus" + UCSConstraintRequest: + type: object + properties: + constraintTemplateID: + type: string + description: Policy template ID + enforcementAction: + type: string + description: Policy enforcement action. The options are **warn** and **deny**. + namespaces: + type: array + description: Namespace + items: + type: string + parameters: + type: object + description: Policy instance parameters + properties: {} + UCSConstraintList: + type: object + properties: + items: + type: array + description: Policy instance list + items: + $ref: "#/components/schemas/UCSConstraint" + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + UCSConstraintTemplateSpec: + type: object + properties: + type: + type: string + description: |- + Template type. Options: + - **general**: compliance policy definition + - **security**: security policy definition + x-api-type: open-api + tag: + type: string + description: Template tag. Use semicolons (;) to separate tags. + officialTag: + type: string + description: Officially certified tag + level: + type: string + description: Recommendation level. **1** to **3** match 1 to 3 stars. + targetKind: + type: string + description: Target function types. Use semicolons (;) to separate types. + description: + type: string + description: Template description + constraintTemplate: + type: array + description: Constraint template list + items: + $ref: "#/components/schemas/ConstraintTemplate" + official: + type: boolean + description: Whether the constraint template is officially defined + UCSConstraintTemplate: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **ConstraintTemplate**. + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + type: object + description: Attribute details of the constraint template + properties: {} + ConstraintTemplate: + type: object + properties: + kind: + type: string + description: API type. The value is fixed at **ConstraintTemplate**. + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/UCSConstraintTemplateSpec" + UCSConstraintTemplateList: + type: object + properties: + items: + type: array + description: Constraint template list + items: + $ref: "#/components/schemas/UCSConstraintTemplate" + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + UCSConstraintTemplateTagRequest: + type: object + properties: + tag: + type: string + description: Tags. Use semicolons (;) to separate tags. + UCSConstraint: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/UCSConstraintSpec" + status: + $ref: "#/components/schemas/UCSConstraintStatus" + UCSConstraintSpec: + type: object + properties: + constraint: + $ref: "#/components/schemas/Constraint" + constraintTemplateID: + type: string + description: Constraint template ID + domainID: + type: string + description: Domain ID of a user + targetScope: + type: string + description: Policy instance delivery scope. The value can be **cluster** or + **fleet**. + targetID: + type: string + description: Object that the policy instance is delivered to. The value can be + **clusterID** or **clustergroupID**. + UCSConstraintStatus: + type: object + properties: + violations: + type: array + items: + $ref: "#/components/schemas/UCSStatusViolation" + Match: + type: object + properties: + kinds: + type: array + description: How a resource is applied. The value is preset, and a custom value + does not take effect. + items: + $ref: "#/components/schemas/ResourceKinds" + namespaces: + type: array + description: Namespace + items: + type: string + ResourceKinds: + type: object + properties: + apiGroups: + type: array + description: API group that a resource belongs to + items: + type: string + kinds: + type: array + description: Resource type + items: + type: string + ConstraintSpec: + type: object + properties: + enforcementAction: + type: string + description: Policy enforcement action. The options are **warn** and **deny**. + match: + $ref: "#/components/schemas/Match" + parameters: + type: object + description: Variable parameters + properties: {} + Constraint: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/ConstraintSpec" + StatusViolation: + type: object + properties: + kind: + type: string + description: Non-compliant resource type + name: + type: string + description: Non-compliant resource name + namespace: + type: string + description: Namespace of the non-compliant resource + message: + type: string + description: Violation details + enforcementAction: + type: string + description: Enforcement action + StatusEvent: + type: object + properties: + firstTimestamp: + type: string + description: Time when there was an interception event for the first time + resourceKind: + type: string + description: Resource type of an interception event + resourceName: + type: string + description: Resource name of an interception event + resourceNamespace: + type: string + description: Resource namespace of an interception event. Leave this field empty + if there is no namespace. + message: + type: string + description: Interception event details + UCSStatusViolation: + type: object + properties: + clusterID: + type: string + description: ID of the cluster to be audited + auditTimestamp: + type: string + description: Audit time + clusterViolations: + type: array + description: Violation status list + items: + $ref: "#/components/schemas/StatusViolation" + clusterEvents: + type: array + description: Interception event list + items: + $ref: "#/components/schemas/StatusEvent" + warnEvents: + type: array + description: Warning event list + items: + $ref: "#/components/schemas/StatusEvent" + JobList: + type: object + properties: + items: + type: array + description: Job list + items: + $ref: "#/components/schemas/UCSJob" + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + UCSJob: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/UCSJobSpec" + status: + $ref: "#/components/schemas/UCSJobStatus" + UCSTaskSpec: + type: object + properties: + jobID: + type: string + description: ID of the job that a task belongs to + target: + type: string + description: Task target + targetType: + type: string + description: Type of the target to be executed + waitTimeOut: + type: integer + format: int32 + description: How long a task waits before being executed, in seconds + type: + type: string + description: Task type + runway: + type: string + description: Task execution mode. The value can be **parallel** or **serial**. + UCSTaskStatus: + type: object + properties: + status: + type: string + description: Status + reason: + type: string + description: Reason for the current status + startTime: + type: string + format: date-time + description: Start time + finishTime: + type: string + format: date-time + description: End time + UCSTask: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/ObjectMeta" + spec: + $ref: "#/components/schemas/UCSTaskSpec" + status: + $ref: "#/components/schemas/UCSTaskStatus" + UCSJobSpec: + type: object + properties: + taskList: + type: array + description: Task list + items: + $ref: "#/components/schemas/UCSTask" + domainID: + type: string + description: Domain ID of a user + operation: + type: string + description: Operation. The value can be **create** or **retry**. + waitTimeOut: + type: integer + format: int32 + description: Job waiting time, in seconds + type: + type: string + description: Job type + relatedObjects: + type: object + description: Related objects + additionalProperties: + type: string + extendParam: + type: object + description: Extended parameters + additionalProperties: + type: object + properties: {} + UCSJobStatus: + type: object + properties: + status: + type: string + description: |- + Job status. Options: + - **Running**: The job is running. + - **TimedOut**: The job execution timed out. + - **Succeeded**: The job has been executed. + - **Failed**: The job failed to be executed. + x-api-type: open-api + reason: + type: string + description: Reason + startTime: + type: string + format: date-time + description: Start time + finishTime: + type: string + format: date-time + description: End time + CreateRecordSetRequestBody: + type: object + required: + - line + - name + - ttl + properties: + name: + type: string + example: "" + description: Fully qualified domain name (FQDN) suffixed with a zone name. It is + a complete host name ended with a period (.) + minLength: 1 + maxLength: 63 + ttl: + type: integer + format: int32 + example: "" + description: Record set TTL. It is the cache duration (in seconds) of the record + set on a local DNS server. The longer the cache is, the slower the + update is applied. + records: + type: array + description: Record set value, which varies depending on the record set type + items: + type: string + example: "" + line: + type: string + example: "" + description: Resolution line ID + weight: + type: integer + format: int32 + example: "" + description: Weight of a record set + type: + type: string + description: Record set type. The value can be **A** or **CNAME**. + RecordSet: + type: object + required: + - id + - line + - name + - records + - ttl + - weight + properties: + id: + type: string + description: Record set ID + description: + type: string + description: Description + zone_id: + type: string + description: Zone ID + zone_name: + type: string + description: Zone name + type: + type: string + description: Record set type + project_id: + type: string + description: Project ID + name: + type: string + description: Record set name + ttl: + type: integer + format: int32 + description: Time to live (TTL) + records: + type: array + description: Record information + items: + type: string + weight: + type: integer + format: int32 + description: Weight + line: + type: string + description: Resolution line ID + create_at: + type: string + description: Creation time + update_at: + type: string + description: Update time + default: + type: boolean + description: Whether the record set is default + description: DNS record set + ListRecordSetResponseBody: + type: object + properties: + links: + $ref: "#/components/schemas/Links" + recordsets: + type: array + description: Record information such as the ID, name, and description + items: + $ref: "#/components/schemas/RecordSet" + metadata: + $ref: "#/components/schemas/Metadata" + description: Record set list + Links: + properties: + self: + type: string + description: Object information + next: + type: string + description: Next information + Metadata: + properties: + total_count: + type: integer + format: int32 + description: The number of record sets + description: Metadata information, including the number of record sets + AddonTemplateList: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + items: + type: array + description: Add-on template list + items: + $ref: "#/components/schemas/AddonTemplate" + AddonTemplate: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + metadata: + $ref: "#/components/schemas/AddonObjectMeta" + spec: + $ref: "#/components/schemas/AddonTemplateSpec" + AddonTemplateSpec: + type: object + properties: + type: + type: string + description: Add-on installation type. The value can be **helm** or **static**. + require: + type: boolean + description: Whether the add-on is mandatory + labels: + type: array + description: Add-on label list + items: + type: string + logoURL: + type: string + description: Logo URL + readmeURL: + type: string + description: README URL + description: + type: string + description: Description + versions: + type: array + description: Add-on version list + items: + $ref: "#/components/schemas/AddonVersion" + AddonObjectMeta: + type: object + properties: + uid: + type: string + description: UID + name: + type: string + description: Object name + labels: + type: object + description: Object label + additionalProperties: + type: string + annotations: + type: object + description: Object annotation + additionalProperties: + type: string + creationTimestamp: + type: string + description: Creation time + updateTimestamp: + type: string + description: Update time + ServerConfig: + type: object + properties: + onpremises: + $ref: "#/components/schemas/OnPremisesConfig" + federations: + $ref: "#/components/schemas/FederationConfig" + OnPremisesVersionInfo: + type: object + properties: + kubernetesVersion: + type: string + description: Kubernetes cluster version + releaseVersion: + type: string + description: Release version + ucsctlDownloadURL: + type: string + description: URL for downloading ucs-ctl + arch: + type: string + description: Compatible CPU architecture + obsEndpoint: + type: string + description: OBS endpoint + packagePath: + type: string + description: Software package storage path + imagesPackagePath: + type: string + description: Image package storage path + targetVersion: + type: string + description: Target version + OnPremisesConfig: + type: object + properties: + versionsInfo: + type: array + description: On-premises cluster version list + items: + $ref: "#/components/schemas/OnPremisesVersionInfo" + FederationVersionInfo: + type: object + properties: + currentVersion: + $ref: "#/components/schemas/FederationVersionSpec" + targetVersions: + type: array + description: List of target federation versions + items: + $ref: "#/components/schemas/FederationVersionSpec" + FederationConfig: + type: object + properties: + versionsInfo: + type: array + description: Federation version list + items: + $ref: "#/components/schemas/FederationVersionInfo" + FederationVersionSpec: + type: object + properties: + FederationVersion: + type: string + description: Federation version + UpgradeFederationRequestBody: + type: object + properties: + targetVersion: + type: string + description: Target version + CommonQuotas: + type: object + properties: + resources: + type: array + description: List of resources that have quotas + items: + $ref: "#/components/schemas/QuotaResource" + CommonQuotaSet: + type: object + properties: + quotas: + $ref: "#/components/schemas/CommonQuotas" + QuotaResource: + type: object + properties: + type: + type: string + description: |- + Quota type. Options: + - **cluster**: cluster quota + - **clustergroup**: fleet quota + - **rule**: rule quota + - **federation**: federation quota + x-api-type: open-api + quota: + type: integer + format: int32 + description: Total quota + used: + type: integer + format: int32 + description: Used quota + unit: + type: string + description: Unit + min: + type: integer + format: int32 + description: Minimum value + max: + type: integer + format: int32 + description: Maximum value + AddonInstanceList: + type: object + properties: + kind: + type: string + description: API type + apiVersion: + type: string + description: API version + items: + type: array + description: Add-on instance list + items: + $ref: "#/components/schemas/AddonInstance" + RequiredInput: + type: object + properties: + USERNAME: + type: string + description: Username + MASTER-1: + type: string + description: IP address of master node 1 + MASTER-2: + type: string + description: IP address of master node 2 + MASTER-3: + type: string + description: IP address of master node 3 + ACCESS_EXTERNAL_LOAD_BALANCE: + type: boolean + description: Whether to enable an external load balancer + VIRTUAL_IP: + type: string + description: 虚拟IP地址(当ACCESS_EXTERNAL_LOAD_BALANCE为false时必须提供) + EXTERNAL_LOAD_BALANCE_IP: + type: string + description: 外部负载均衡器IP地址(当ACCESS_EXTERNAL_LOAD_BALANCE为true时必须提供) + CILIUM_IPV4POOL_CIDR: + type: string + description: CIDR block of the IPv4 address pool of the Cilium network component + NETWORK_CIDR: + type: string + description: Container network CIDR block + DNS_SERVER_IP: + type: string + description: IP address of a DNS server + NTP_SERVER_IP: + type: string + description: IP address of a NTP server + IAM_DOMAIN_ID: + type: string + description: IAM domain ID + K8S_VERSION: + type: string + description: Kubernetes版本号 + K8S_ARCH: + type: string + description: 系统架构