instrumentations.md

API Reference

Packages:

• opentelemetry.io/v1alpha1

opentelemetry.io/v1alpha1

Resource Types:

• Instrumentation

Instrumentation

^{↩ Parent}

Instrumentation is the spec for OpenTelemetry instrumentation.

Name	Type	Description	Required
apiVersion	string	opentelemetry.io/v1alpha1	true
kind	string	Instrumentation	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the `metadata` field.	true
spec	object	InstrumentationSpec defines the desired state of OpenTelemetry SDK and instrumentation.	false
status	object	InstrumentationStatus defines status of the instrumentation.	false

Instrumentation.spec

^{↩ Parent}

InstrumentationSpec defines the desired state of OpenTelemetry SDK and instrumentation.

Name	Type	Description	Required
apacheHttpd	object	ApacheHttpd defines configuration for Apache HTTPD auto-instrumentation.	false
defaults	object	Defaults defines default values for the instrumentation.	false
dotnet	object	DotNet defines configuration for DotNet auto-instrumentation.	false
env	[]object	Env defines common env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
exporter	object	Exporter defines exporter configuration.	false
go	object	Go defines configuration for Go auto-instrumentation. When using Go auto-instrumentation you must provide a value for the OTEL_GO_AUTO_TARGET_EXE env var via the Instrumentation env vars or via the instrumentation.opentelemetry.io/otel-go-auto-target-exe pod annotation. Failure to set this value causes instrumentation injection to abort, leaving the original pod unchanged.	false
imagePullPolicy	string	ImagePullPolicy One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.	false
initContainerSecurityContext	object	InitContainerSecurityContext applied to the auto-instrumentation init containers created for Java, NodeJS, Python, DotNet, Apache HTTPD and Nginx. When unset, init containers inherit the security context of the first application container being instrumented (existing behavior). The Go auto-instrumentation sidecar is intentionally excluded — its security requirements (eBPF) differ from the init-container languages and are configured via `spec.go.securityContext`.	false
java	object	Java defines configuration for java auto-instrumentation.	false
nginx	object	Nginx defines configuration for Nginx auto-instrumentation.	false
nodejs	object	NodeJS defines configuration for nodejs auto-instrumentation.	false
propagators	[]enum	Propagators defines inter-process context propagation configuration. Values in this list will be set in the OTEL_PROPAGATORS env var. Enum=tracecontext;baggage;b3;b3multi;jaeger;xray;ottrace;none	false
python	object	Python defines configuration for python auto-instrumentation.	false
resource	object	Resource defines the configuration for the resource attributes, as defined by the OpenTelemetry specification.	false
sampler	object	Sampler defines sampling configuration.	false

Instrumentation.spec.apacheHttpd

^{↩ Parent}

ApacheHttpd defines configuration for Apache HTTPD auto-instrumentation.

Name	Type	Description	Required
attrs	[]object	Attrs defines Apache HTTPD agent specific attributes. The precedence is: `agent default attributes` > `instrument spec attributes` . Attributes are documented at https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/otel-webserver-module	false
configPath	string	Location of Apache HTTPD server configuration. Needed only if different from default "/usr/local/apache2/conf".	false
env	[]object	Env defines Apache HTTPD specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with Apache SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
version	string	Apache HTTPD server version. One of 2.4 or 2.2. Default is 2.4	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.apacheHttpd.attrs[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.apacheHttpd.attrs[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.apacheHttpd.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.apacheHttpd.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.apacheHttpd.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.apacheHttpd.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.apacheHttpd.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.defaults

^{↩ Parent}

Defaults defines default values for the instrumentation.

Name	Type	Description	Required
useLabelsForResourceAttributes	boolean	UseLabelsForResourceAttributes defines whether to use common labels for resource attributes: Note: first entry wins: - `app.kubernetes.io/instance` becomes `service.name` - `app.kubernetes.io/name` becomes `service.name` - `app.kubernetes.io/version` becomes `service.version`	false

Instrumentation.spec.dotnet

^{↩ Parent}

DotNet defines configuration for DotNet auto-instrumentation.

Name	Type	Description	Required
env	[]object	Env defines DotNet specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with DotNet SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.dotnet.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.dotnet.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.dotnet.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.dotnet.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.dotnet.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.dotnet.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.dotnet.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.dotnet.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.dotnet.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.dotnet.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.dotnet.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.exporter

^{↩ Parent}

Exporter defines exporter configuration.

Name	Type	Description	Required
endpoint	string	Endpoint is address of the collector with OTLP endpoint. If the endpoint defines https:// scheme TLS has to be specified.	false
tls	object	TLS defines certificates for TLS. TLS needs to be enabled by specifying https:// scheme in the Endpoint.	false

Instrumentation.spec.exporter.tls

^{↩ Parent}

TLS defines certificates for TLS. TLS needs to be enabled by specifying https:// scheme in the Endpoint.

Name	Type	Description	Required
ca_file	string	CA defines the key of certificate (e.g. ca.crt) in the configmap map, secret or absolute path to a certificate. The absolute path can be used when certificate is already present on the workload filesystem e.g. /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt	false
cert_file	string	Cert defines the key (e.g. tls.crt) of the client certificate in the secret or absolute path to a certificate. The absolute path can be used when certificate is already present on the workload filesystem.	false
configMapName	string	ConfigMapName defines configmap name with CA certificate. If it is not defined CA certificate will be used from the secret defined in SecretName.	false
key_file	string	Key defines a key (e.g. tls.key) of the private key in the secret or absolute path to a certificate. The absolute path can be used when certificate is already present on the workload filesystem.	false
secretName	string	SecretName defines secret name that will be used to configure TLS on the exporter. It is user responsibility to create the secret in the namespace of the workload. The secret must contain client certificate (Cert) and private key (Key). The CA certificate might be defined in the secret or in the config map.	false

Instrumentation.spec.go

^{↩ Parent}

Go defines configuration for Go auto-instrumentation. When using Go auto-instrumentation you must provide a value for the OTEL_GO_AUTO_TARGET_EXE env var via the Instrumentation env vars or via the instrumentation.opentelemetry.io/otel-go-auto-target-exe pod annotation. Failure to set this value causes instrumentation injection to abort, leaving the original pod unchanged.

Name	Type	Description	Required
env	[]object	Env defines Go specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with Go SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
securityContext	object	SecurityContext applied to the Go auto-instrumentation sidecar. If unset, the sidecar runs with the hardcoded defaults required for eBPF tracing (Privileged: true, RunAsUser: 0). Override with care — the sidecar needs access to /sys/kernel/debug to attach uprobes.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.go.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.go.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.go.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.go.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.go.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.go.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.go.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.go.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.go.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.go.securityContext

^{↩ Parent}

SecurityContext applied to the Go auto-instrumentation sidecar. If unset, the sidecar runs with the hardcoded defaults required for eBPF tracing (Privileged: true, RunAsUser: 0). Override with care — the sidecar needs access to /sys/kernel/debug to attach uprobes.

Name	Type	Description	Required
allowPrivilegeEscalation	boolean	AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.	false
appArmorProfile	object	appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.	false
capabilities	object	The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.	false
privileged	boolean	Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.	false
procMount	string	procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.	false
readOnlyRootFilesystem	boolean	Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.	false
runAsGroup	integer	The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. Format: int64	false
runAsNonRoot	boolean	Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.	false
runAsUser	integer	The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. Format: int64	false
seLinuxOptions	object	The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.	false
seccompProfile	object	The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.	false
windowsOptions	object	The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.	false

Instrumentation.spec.go.securityContext.appArmorProfile

^{↩ Parent}

appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
type	string	type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.	true
localhostProfile	string	localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost".	false

Instrumentation.spec.go.securityContext.capabilities

^{↩ Parent}

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
add	[]string	Added capabilities	false
drop	[]string	Removed capabilities	false

Instrumentation.spec.go.securityContext.seLinuxOptions

^{↩ Parent}

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
level	string	Level is SELinux level label that applies to the container.	false
role	string	Role is a SELinux role label that applies to the container.	false
type	string	Type is a SELinux type label that applies to the container.	false
user	string	User is a SELinux user label that applies to the container.	false

Instrumentation.spec.go.securityContext.seccompProfile

^{↩ Parent}

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
type	string	type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.	true
localhostProfile	string	localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.	false

Instrumentation.spec.go.securityContext.windowsOptions

^{↩ Parent}

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name	Type	Description	Required
gmsaCredentialSpec	string	GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.	false
gmsaCredentialSpecName	string	GMSACredentialSpecName is the name of the GMSA credential spec to use.	false
hostProcess	boolean	HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.	false
runAsUserName	string	The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.	false

Instrumentation.spec.go.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.go.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.go.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.go.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.go.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.go.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.go.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.go.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.initContainerSecurityContext

^{↩ Parent}

InitContainerSecurityContext applied to the auto-instrumentation init containers created for Java, NodeJS, Python, DotNet, Apache HTTPD and Nginx. When unset, init containers inherit the security context of the first application container being instrumented (existing behavior). The Go auto-instrumentation sidecar is intentionally excluded — its security requirements (eBPF) differ from the init-container languages and are configured via spec.go.securityContext.

Name	Type	Description	Required
allowPrivilegeEscalation	boolean	AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.	false
appArmorProfile	object	appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.	false
capabilities	object	The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.	false
privileged	boolean	Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.	false
procMount	string	procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.	false
readOnlyRootFilesystem	boolean	Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.	false
runAsGroup	integer	The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. Format: int64	false
runAsNonRoot	boolean	Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.	false
runAsUser	integer	The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows. Format: int64	false
seLinuxOptions	object	The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.	false
seccompProfile	object	The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.	false
windowsOptions	object	The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.	false

Instrumentation.spec.initContainerSecurityContext.appArmorProfile

^{↩ Parent}

appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
type	string	type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.	true
localhostProfile	string	localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is "Localhost".	false

Instrumentation.spec.initContainerSecurityContext.capabilities

^{↩ Parent}

The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
add	[]string	Added capabilities	false
drop	[]string	Removed capabilities	false

Instrumentation.spec.initContainerSecurityContext.seLinuxOptions

^{↩ Parent}

The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
level	string	Level is SELinux level label that applies to the container.	false
role	string	Role is a SELinux role label that applies to the container.	false
type	string	Type is a SELinux type label that applies to the container.	false
user	string	User is a SELinux user label that applies to the container.	false

Instrumentation.spec.initContainerSecurityContext.seccompProfile

^{↩ Parent}

The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.

Name	Type	Description	Required
type	string	type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.	true
localhostProfile	string	localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is "Localhost". Must NOT be set for any other type.	false

Instrumentation.spec.initContainerSecurityContext.windowsOptions

^{↩ Parent}

The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.

Name	Type	Description	Required
gmsaCredentialSpec	string	GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.	false
gmsaCredentialSpecName	string	GMSACredentialSpecName is the name of the GMSA credential spec to use.	false
hostProcess	boolean	HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.	false
runAsUserName	string	The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.	false

Instrumentation.spec.java

^{↩ Parent}

Java defines configuration for java auto-instrumentation.

Name	Type	Description	Required
env	[]object	Env defines java specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
extensions	[]object	Extensions defines java specific extensions. All extensions are copied to a single directory; if a JAR with the same name exists, it will be overwritten.	false
image	string	Image is a container image with javaagent auto-instrumentation JAR.	false
resources	object	Resources describes the compute resource requirements.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.java.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.java.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.java.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.java.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.java.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.java.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.java.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.java.extensions[index]

^{↩ Parent}

Name	Type	Description	Required
dir	string	Dir is a directory with extensions auto-instrumentation JAR.	true
image	string	Image is a container image with extensions auto-instrumentation JAR.	true

Instrumentation.spec.java.resources

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.java.resources.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.java.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.java.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.java.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.java.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.java.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.java.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.java.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.java.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.nginx

^{↩ Parent}

Nginx defines configuration for Nginx auto-instrumentation.

Name	Type	Description	Required
attrs	[]object	Attrs defines Nginx agent specific attributes. The precedence order is: `agent default attributes` > `instrument spec attributes` . Attributes are documented at https://github.com/open-telemetry/opentelemetry-cpp-contrib/tree/main/instrumentation/otel-webserver-module	false
configFile	string	Location of Nginx configuration file. Needed only if different from default "/etx/nginx/nginx.conf".	false
env	[]object	Env defines Nginx specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with Nginx SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.nginx.attrs[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.nginx.attrs[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.nginx.attrs[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.nginx.attrs[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.nginx.attrs[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.nginx.attrs[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.nginx.attrs[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.nginx.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.nginx.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.nginx.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.nginx.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.nginx.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.nginx.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.nginx.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.nginx.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.nginx.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.nginx.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.nginx.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.nginx.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.nodejs

^{↩ Parent}

NodeJS defines configuration for nodejs auto-instrumentation.

Name	Type	Description	Required
env	[]object	Env defines nodejs specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with NodeJS SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.nodejs.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.nodejs.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.nodejs.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.nodejs.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.nodejs.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.nodejs.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.nodejs.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.nodejs.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.nodejs.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.nodejs.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.nodejs.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.python

^{↩ Parent}

Python defines configuration for python auto-instrumentation.

Name	Type	Description	Required
env	[]object	Env defines python specific env vars. There are four layers for env vars' definitions and the precedence order is: `original container env vars` > `language specific env vars` > `common env vars` > `instrument spec configs' vars`. If the former var had been defined, then the other vars would be ignored.	false
image	string	Image is a container image with Python SDK and auto-instrumentation.	false
resourceRequirements	object	Resources describes the compute resource requirements.	false
volumeClaimTemplate	object	VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit	false
volumeLimitSize	int or string	VolumeSizeLimit defines size limit for volume used for auto-instrumentation. The default size is 200Mi. Deprecated: use spec..volume.size instead. This field will be inactive in a future release.	false

Instrumentation.spec.python.env[index]

^{↩ Parent}

EnvVar represents an environment variable present in a Container.

Name	Type	Description	Required
name	string	Name of the environment variable. May consist of any printable ASCII characters except '='.	true
value	string	Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "".	false
valueFrom	object	Source for the environment variable's value. Cannot be used if value is not empty.	false

Instrumentation.spec.python.env[index].valueFrom

^{↩ Parent}

Source for the environment variable's value. Cannot be used if value is not empty.

Name	Type	Description	Required
configMapKeyRef	object	Selects a key of a ConfigMap.	false
fieldRef	object	Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.	false
fileKeyRef	object	FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.	false
resourceFieldRef	object	Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.	false
secretKeyRef	object	Selects a key of a secret in the pod's namespace	false

Instrumentation.spec.python.env[index].valueFrom.configMapKeyRef

^{↩ Parent}

Selects a key of a ConfigMap.

Name	Type	Description	Required
key	string	The key to select.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the ConfigMap or its key must be defined	false

Instrumentation.spec.python.env[index].valueFrom.fieldRef

^{↩ Parent}

Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'], spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.

Name	Type	Description	Required
fieldPath	string	Path of the field to select in the specified API version.	true
apiVersion	string	Version of the schema the FieldPath is written in terms of, defaults to "v1".	false

Instrumentation.spec.python.env[index].valueFrom.fileKeyRef

^{↩ Parent}

FileKeyRef selects a key of the env file. Requires the EnvFiles feature gate to be enabled.

Name	Type	Description	Required
key	string	The key within the env file. An invalid key will prevent the pod from starting. The keys defined within a source may consist of any printable ASCII characters except '='. During Alpha stage of the EnvFiles feature gate, the key size is limited to 128 characters.	true
path	string	The path within the volume from which to select the file. Must be relative and may not contain the '..' path or start with '..'.	true
volumeName	string	The name of the volume mount containing the env file.	true
optional	boolean	Specify whether the file or its key must be defined. If the file or key does not exist, then the env var is not published. If optional is set to true and the specified key does not exist, the environment variable will not be set in the Pod's containers. If optional is set to false and the specified key does not exist, an error will be returned during Pod creation. Default: false	false

Instrumentation.spec.python.env[index].valueFrom.resourceFieldRef

^{↩ Parent}

Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.

Name	Type	Description	Required
resource	string	Required: resource to select	true
containerName	string	Container name: required for volumes, optional for env vars	false
divisor	int or string	Specifies the output format of the exposed resources, defaults to "1"	false

Instrumentation.spec.python.env[index].valueFrom.secretKeyRef

^{↩ Parent}

Selects a key of a secret in the pod's namespace

Name	Type	Description	Required
key	string	The key of the secret to select from. Must be a valid secret key.	true
name	string	Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names Default:	false
optional	boolean	Specify whether the Secret or its key must be defined	false

Instrumentation.spec.python.resourceRequirements

^{↩ Parent}

Resources describes the compute resource requirements.

Name	Type	Description	Required
claims	[]object	Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This field depends on the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.	false
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.python.resourceRequirements.claims[index]

^{↩ Parent}

ResourceClaim references one entry in PodSpec.ResourceClaims.

Name	Type	Description	Required
name	string	Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.	true
request	string	Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.	false

Instrumentation.spec.python.volumeClaimTemplate

^{↩ Parent}

VolumeClaimTemplate defines an ephemeral volume used for auto-instrumentation. If omitted, an emptyDir is used with size limit VolumeSizeLimit

Name	Type	Description	Required
spec	object	The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.	true
metadata	object	May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.	false

Instrumentation.spec.python.volumeClaimTemplate.spec

^{↩ Parent}

The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here.

Name	Type	Description	Required
accessModes	[]string	accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1	false
dataSource	object	dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.	false
dataSourceRef	object	dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.	false
resources	object	resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources	false
selector	object	selector is a label query over volumes to consider for binding.	false
storageClassName	string	storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1	false
volumeAttributesClassName	string	volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string or nil value indicates that no VolumeAttributesClass will be applied to the claim. If the claim enters an Infeasible error state, this field can be reset to its previous value (including nil) to cancel the modification. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/	false
volumeMode	string	volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.	false
volumeName	string	volumeName is the binding reference to the PersistentVolume backing this claim.	false

Instrumentation.spec.python.volumeClaimTemplate.spec.dataSource

^{↩ Parent}

dataSource field can be used to specify either:

• An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
• An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false

Instrumentation.spec.python.volumeClaimTemplate.spec.dataSourceRef

^{↩ Parent}

dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef:

• While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects.

Name	Type	Description	Required
kind	string	Kind is the type of resource being referenced	true
name	string	Name is the name of resource being referenced	true
apiGroup	string	APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required.	false
namespace	string	Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled.	false

Instrumentation.spec.python.volumeClaimTemplate.spec.resources

^{↩ Parent}

resources represents the minimum resources the volume should have. Users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources

Name	Type	Description	Required
limits	map[string]int or string	Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false
requests	map[string]int or string	Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/	false

Instrumentation.spec.python.volumeClaimTemplate.spec.selector

^{↩ Parent}

selector is a label query over volumes to consider for binding.

Name	Type	Description	Required
matchExpressions	[]object	matchExpressions is a list of label selector requirements. The requirements are ANDed.	false
matchLabels	map[string]string	matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.	false

Instrumentation.spec.python.volumeClaimTemplate.spec.selector.matchExpressions[index]

^{↩ Parent}

A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.

Name	Type	Description	Required
key	string	key is the label key that the selector applies to.	true
operator	string	operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.	true
values	[]string	values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.	false

Instrumentation.spec.python.volumeClaimTemplate.metadata

^{↩ Parent}

May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation.

Name	Type	Description	Required
annotations	map[string]string		false
finalizers	[]string		false
labels	map[string]string		false
name	string		false
namespace	string		false

Instrumentation.spec.resource

^{↩ Parent}

Resource defines the configuration for the resource attributes, as defined by the OpenTelemetry specification.

Name	Type	Description	Required
addK8sUIDAttributes	boolean	AddK8sUIDAttributes defines whether K8s UID attributes should be collected (e.g. k8s.deployment.uid).	false
resourceAttributes	map[string]string	Attributes defines attributes that are added to the resource. For example environment: dev	false

Instrumentation.spec.sampler

^{↩ Parent}

Sampler defines sampling configuration.

Name	Type	Description	Required
argument	string	Argument defines sampler argument. The value depends on the sampler type. For instance for parentbased_traceidratio sampler type it is a number in range [0..1] e.g. 0.25. The value will be set in the OTEL_TRACES_SAMPLER_ARG env var.	false
type	enum	Type defines sampler type. The value will be set in the OTEL_TRACES_SAMPLER env var. The value can be for instance parentbased_always_on, parentbased_always_off, parentbased_traceidratio... Enum: always_on, always_off, traceidratio, parentbased_always_on, parentbased_always_off, parentbased_traceidratio, jaeger_remote, xray	false

Instrumentation.status

^{↩ Parent}

InstrumentationStatus defines status of the instrumentation.

Name	Type	Description	Required
upgradeBlockedVersions	map[string]string	UpgradeBlockedVersions contains instrumentation language images whose versions could not be automatically upgraded, mapped to a message explaining why. The operator will not auto-upgrade these images until the user manually changes them to a supported version.	false