Skip to content

containerinstances.oracle.com/v1beta1

Back to API Reference

APIVersion: containerinstances.oracle.com/v1beta1

This content is generated from the checked-in CRD schemas in config/crd/bases/. If a description is missing or incorrect, fix the source comments or generator inputs and rerun make generate manifests; do not hand-edit config/crd/bases/*.yaml.

Packages

Package Support Latest release Resources
Container Instances preview v2.0.0-alpha ContainerInstance

Resources

Kind Scope Sample Packages
ContainerInstance Namespaced Sample Container Instances (v2.0.0-alpha)

ContainerInstance

Manage OCI Container Instance workloads.

  • Plural: containerinstances
  • Scope: Namespaced
  • APIVersion: containerinstances.oracle.com/v1beta1
  • Sample: Sample (config/samples/containerinstances_v1beta1_containerinstance.yaml)
  • Packages: Container Instances (v2.0.0-alpha)

Spec

ContainerInstanceSpec defines the desired state of ContainerInstance.

Field Description Type Required Default Enum
availabilityDomain The availability domain where the container instance runs. string Yes - -
compartmentId The compartment OCID. string Yes - -
containerRestartPolicy Container restart policy string No - -
containers The containers to create on this container instance. list[object] Yes - -
definedTags Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace": {"bar-key": "value"}}. map[string, map[string, string]] No - -
displayName A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. If you don't provide a name, a name is generated automatically. string No - -
dnsConfig ContainerInstanceDnsConfig defines nested fields for ContainerInstance.DnsConfig. object No - -
faultDomain The fault domain where the container instance runs. string No - -
freeformTags Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"} map[string, string] No - -
gracefulShutdownTimeoutInSeconds The amount of time that processes in a container have to gracefully end when the container must be stopped. For example, when you delete a container instance. After the timeout is reached, the processes are sent a signal to be deleted. integer (int64) No - -
imagePullSecrets The image pulls secrets so you can access private registry to pull container images. list[object] No - -
shape The shape of the container instance. The shape determines the resources available to the container instance. string Yes - -
shapeConfig ContainerInstanceShapeConfig defines nested fields for ContainerInstance.ShapeConfig. object Yes - -
vnics The networks available to containers on this container instance. list[object] Yes - -
volumes A volume is a directory with data that is accessible across multiple containers in a container instance. You can attach up to 32 volumes to single container instance. list[object] No - -

Spec.containers[]

Back to ContainerInstance spec

ContainerInstanceContainer defines nested fields for ContainerInstance.Container.

Field Description Type Required Default Enum
arguments A list of string arguments for a container's ENTRYPOINT process. Many containers use an ENTRYPOINT process pointing to a shell (/bin/bash). For those containers, this argument list specifies the main command in the container process. The total size of all arguments combined must be 64 KB or smaller. list[string] No - -
command An optional command that overrides the ENTRYPOINT process. If you do not provide a value, the existing ENTRYPOINT process defined in the image is used. list[string] No - -
definedTags Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace": {"bar-key": "value"}}. map[string, map[string, string]] No - -
displayName A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. If you don't provide a name, a name is generated automatically. string No - -
environmentVariables A map of additional environment variables to set in the environment of the container's ENTRYPOINT process. These variables are in addition to any variables already defined in the container's image. The total size of all environment variables combined, name and values, must be 64 KB or smaller. map[string, string] No - -
freeformTags Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"} map[string, string] No - -
healthChecks list of container health checks to check container status and take appropriate action if container status is failed. There are two types of health checks that we currently support HTTP and TCP. list[object] No - -
imageUrl A URL identifying the image that the container runs in, such as docker.io/library/busybox:latest. If you do not provide a tag, the tag will default to latest. If no registry is provided, will default the registry to public docker hub docker.io/library. The registry used for container image must be reachable over the Container Instance's VNIC. string Yes - -
isResourcePrincipalDisabled Determines if the container will have access to the container instance resource principal. This method utilizes resource principal version 2.2. For information on how to use the exposed resource principal elements, see https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdk_authentication_methods.htm#sdk_authentication_methods_resource_principal. boolean No - -
resourceConfig ContainerInstanceContainerResourceConfig defines nested fields for ContainerInstance.Container.ResourceConfig. object No - -
securityContext ContainerInstanceContainerSecurityContext defines nested fields for ContainerInstance.Container.SecurityContext. object No - -
volumeMounts List of the volume mounts. list[object] No - -
workingDirectory The working directory within the container's filesystem for the container process. If not specified, the default working directory from the image is used. string No - -

Spec.containers[].healthChecks[]

Back to ContainerInstance spec

ContainerInstanceContainerHealthCheck defines nested fields for ContainerInstance.Container.HealthCheck.

Field Description Type Required Default Enum
failureAction The action will be triggered when the container health check fails. There are two types of action: KILL or NONE. The default action is KILL. If failure action is KILL, the container will be subject to the container restart policy. string No - -
failureThreshold Number of consecutive failures at which we consider the check failed. integer No - -
headers Container health check HTTP headers. list[object] No - -
healthCheckType - string No - -
initialDelayInSeconds The initial delay in seconds before start checking container health status. integer No - -
intervalInSeconds Number of seconds between two consecutive runs for checking container health. integer No - -
jsonData - string No - -
name Health check name. string No - -
path Container health check HTTP path. string No - -
port Container health check port. integer No - -
successThreshold Number of consecutive successes at which we consider the check succeeded again after it was in failure state. integer No - -
timeoutInSeconds Length of waiting time in seconds before marking health check failed. integer No - -

Spec.containers[].healthChecks[].headers[]

Back to ContainerInstance spec

ContainerInstanceContainerHealthCheckHeader defines nested fields for ContainerInstance.Container.HealthCheck.Header.

Field Description Type Required Default Enum
name Container HTTP header Key. string Yes - -
value Container HTTP header value. string Yes - -

Spec.containers[].resourceConfig

Back to ContainerInstance spec

ContainerInstanceContainerResourceConfig defines nested fields for ContainerInstance.Container.ResourceConfig.

Field Description Type Required Default Enum
memoryLimitInGBs The maximum amount of memory that can be consumed by the container's process. If you do not set a value, then the process may use all available memory on the instance. number No - -
vcpusLimit The maximum amount of CPUs that can be consumed by the container's process. If you do not set a value, then the process can use all available CPU resources on the instance. CPU usage is defined in terms of logical CPUs. This means that the maximum possible value on an E3 ContainerInstance with 1 OCPU is 2.0. A container with a 2.0 vcpusLimit could consume up to 100% of the CPU resources available on the container instance. Values can be fractional. A value of "1.5" means that the container can consume at most the equivalent of 1 and a half logical CPUs worth of CPU capacity. number No - -

Spec.containers[].securityContext

Back to ContainerInstance spec

ContainerInstanceContainerSecurityContext defines nested fields for ContainerInstance.Container.SecurityContext.

Field Description Type Required Default Enum
capabilities ContainerInstanceContainerSecurityContextCapabilities defines nested fields for ContainerInstance.Container.SecurityContext.Capabilities. object No - -
isNonRootUserCheckEnabled Indicates if the container must run as a non-root user. If true, the service validates the container image at runtime to ensure that it is not going to run with UID 0 (root) and fails the container instance creation if the validation fails. boolean No - -
isRootFileSystemReadonly Determines if the container will have a read-only root file system. Default value is false. boolean No - -
jsonData - string No - -
runAsGroup The group ID (GID) to run the entrypoint process of the container. Uses runtime default if not provided. integer No - -
runAsUser The user ID (UID) to run the entrypoint process of the container. Defaults to user specified UID in container image metadata if not provided. This must be provided if runAsGroup is provided. integer No - -
securityContextType - string No - -

Spec.containers[].securityContext.capabilities

Back to ContainerInstance spec

ContainerInstanceContainerSecurityContextCapabilities defines nested fields for ContainerInstance.Container.SecurityContext.Capabilities.

Field Description Type Required Default Enum
addCapabilities A list of additional configurable container capabilities. list[string] No - -
dropCapabilities A list of container capabilities that can be dropped. list[string] No - -

Spec.containers[].volumeMounts[]

Back to ContainerInstance spec

ContainerInstanceContainerVolumeMount defines nested fields for ContainerInstance.Container.VolumeMount.

Field Description Type Required Default Enum
isReadOnly Whether the volume was mounted in read-only mode. By default, the volume is not read-only. boolean No - -
mountPath The volume access path. string Yes - -
partition If there is more than one partition in the volume, reference this number of partitions. Here is an example: Number Start End Size File system Name Flags 1 1049kB 106MB 105MB fat16 EFI System Partition boot, esp 2 106MB 1180MB 1074MB xfs 3 1180MB 50.0GB 48.8GB lvm integer No - -
subPath A subpath inside the referenced volume. string No - -
volumeName The name of the volume. Avoid entering confidential information. string Yes - -

Spec.dnsConfig

Back to ContainerInstance spec

ContainerInstanceDnsConfig defines nested fields for ContainerInstance.DnsConfig.

Field Description Type Required Default Enum
nameservers IP address of a name server that the resolver should query, either an IPv4 address (in dot notation), or an IPv6 address in colon (and possibly dot) notation. If null, uses nameservers from subnet dhcpDnsOptions. list[string] No - -
options Options allows certain internal resolver variables to be modified. Options are a list of objects in https://man7.org/linux/man-pages/man5/resolv.conf.5.html. Examples: ["ndots:n", "edns0"]. list[string] No - -
searches Search list for host-name lookup. If null, we will use searches from subnet dhcpDnsOptios. list[string] No - -

Spec.imagePullSecrets[]

Back to ContainerInstance spec

ContainerInstanceImagePullSecret defines nested fields for ContainerInstance.ImagePullSecret.

Field Description Type Required Default Enum
jsonData - string No - -
password The password which should be used with the registry for authentication. The value is expected in base64 format. string No - -
registryEndpoint The registry endpoint of the container image. string Yes - -
secretId The OCID of the secret for registry credentials. string No - -
secretType - string No - -
username The username which should be used with the registry for authentication. The value is expected in base64 format. string No - -

Spec.shapeConfig

Back to ContainerInstance spec

ContainerInstanceShapeConfig defines nested fields for ContainerInstance.ShapeConfig.

Field Description Type Required Default Enum
memoryInGBs The total amount of memory available to the container instance (GB). number No - -
ocpus The total number of OCPUs available to the container instance. number Yes - -

Spec.vnics[]

Back to ContainerInstance spec

ContainerInstanceVnic defines nested fields for ContainerInstance.Vnic.

Field Description Type Required Default Enum
definedTags Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace": {"bar-key": "value"}}. map[string, map[string, string]] No - -
displayName A user-friendly name for the VNIC. Does not have to be unique. Avoid entering confidential information. string No - -
freeformTags Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"} map[string, string] No - -
hostnameLabel The hostname for the VNIC's primary private IP. Used for DNS. string No - -
isPublicIpAssigned Whether the VNIC should be assigned a public IP address. boolean No - -
nsgIds A list of the OCIDs of the network security groups (NSGs) to add the VNIC to. list[string] No - -
privateIp A private IP address of your choice to assign to the VNIC. Must be an available IP address within the subnet's CIDR. string No - -
skipSourceDestCheck Whether the source/destination check is disabled on the VNIC. boolean No - -
subnetId The OCID of the subnet to create the VNIC in. string Yes - -

Spec.volumes[]

Back to ContainerInstance spec

ContainerInstanceVolume defines nested fields for ContainerInstance.Volume.

Field Description Type Required Default Enum
backingStore The volume type of the empty directory, can be either File Storage or Memory. string No - -
configs Contains key value pairs which can be mounted as individual files inside the container. The value needs to be base64 encoded. It is decoded to plain text before the mount. list[object] No - -
jsonData - string No - -
name The name of the volume. This must be unique within a single container instance. string Yes - -
volumeType - string No - -

Spec.volumes[].configs[]

Back to ContainerInstance spec

ContainerInstanceVolumeConfig defines nested fields for ContainerInstance.Volume.Config.

Field Description Type Required Default Enum
data The base64 encoded contents of the file. The contents are decoded to plain text before mounted as a file to a container inside container instance. string Yes - -
fileName The name of the file. The fileName should be unique across the volume. string Yes - -
path (Optional) Relative path for this file inside the volume mount directory. By default, the file is presented at the root of the volume mount path. string No - -

Status

ContainerInstanceStatus defines the observed state of ContainerInstance.

Field Description Type Required Default Enum
availabilityDomain The availability domain to place the container instance. string No - -
compartmentId The OCID of the compartment. string No - -
containerCount The number of containers on the container instance. integer No - -
containerRestartPolicy The container restart policy is applied for all containers in container instance. string No - -
containers The containers on the container instance. list[object] No - -
definedTags Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"foo-namespace": {"bar-key": "value"}}. map[string, map[string, string]] No - -
displayName A user-friendly name. Does not have to be unique, and it's changeable. Avoid entering confidential information. string No - -
dnsConfig ContainerInstanceDnsConfig defines nested fields for ContainerInstance.DnsConfig. object No - -
faultDomain The fault domain to place the container instance. string No - -
freeformTags Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. Example: {"bar-key": "value"} map[string, string] No - -
gracefulShutdownTimeoutInSeconds The amount of time that processes in a container have to gracefully end when the container must be stopped. For example, when you delete a container instance. After the timeout is reached, the processes are sent a signal to be deleted. integer (int64) No - -
id An OCID that cannot be changed. string No - -
imagePullSecrets The image pulls secrets so you can access private registry to pull container images. list[object] No - -
lifecycleDetails A message that describes the current state of the container in more detail. Can be used to provide actionable information. string No - -
lifecycleState The current state of the container instance. string No - -
shape The shape of the container instance. The shape determines the number of OCPUs, amount of memory, and other resources that are allocated to a container instance. string No - -
shapeConfig ContainerInstanceShapeConfigObservedState defines nested fields for ContainerInstance.ShapeConfig. object No - -
status - object Yes - -
systemTags Usage of system tag keys. These predefined keys are scoped to namespaces. Example: {"orcl-cloud": {"free-tier-retained": "true"}}. map[string, map[string, string]] No - -
timeCreated The time the container instance was created, in the format defined by RFC 3339 (https://tools.ietf.org/rfc/rfc3339). string No - -
timeUpdated The time the container instance was updated, in the format defined by RFC 3339 (https://tools.ietf.org/rfc/rfc3339). string No - -
vnics The virtual networks available to the containers in the container instance. list[object] No - -
volumeCount The number of volumes that are attached to the container instance. integer No - -
volumes A volume is a directory with data that is accessible across multiple containers in a container instance. list[object] No - -

Status.containers[]

Back to ContainerInstance status

ContainerInstanceContainerObservedState defines nested fields for ContainerInstance.Container.

Field Description Type Required Default Enum
containerId The OCID of the container. string No - -
displayName Display name for the Container. string No - -

Status.dnsConfig

Back to ContainerInstance status

ContainerInstanceDnsConfig defines nested fields for ContainerInstance.DnsConfig.

Field Description Type Required Default Enum
nameservers IP address of a name server that the resolver should query, either an IPv4 address (in dot notation), or an IPv6 address in colon (and possibly dot) notation. If null, uses nameservers from subnet dhcpDnsOptions. list[string] No - -
options Options allows certain internal resolver variables to be modified. Options are a list of objects in https://man7.org/linux/man-pages/man5/resolv.conf.5.html. Examples: ["ndots:n", "edns0"]. list[string] No - -
searches Search list for host-name lookup. If null, we will use searches from subnet dhcpDnsOptios. list[string] No - -

Status.imagePullSecrets[]

Back to ContainerInstance status

ContainerInstanceImagePullSecretObservedState defines nested fields for ContainerInstance.ImagePullSecret.

Field Description Type Required Default Enum
jsonData - string No - -
registryEndpoint The registry endpoint of the container image. string No - -
secretId The OCID of the secret for registry credentials. string No - -
secretType - string No - -

Status.shapeConfig

Back to ContainerInstance status

ContainerInstanceShapeConfigObservedState defines nested fields for ContainerInstance.ShapeConfig.

Field Description Type Required Default Enum
memoryInGBs The total amount of memory available to the container instance, in gigabytes. number No - -
networkingBandwidthInGbps The networking bandwidth available to the container instance, in gigabits per second. number No - -
ocpus The total number of OCPUs available to the container instance. number No - -
processorDescription A short description of the container instance's processor (CPU). string No - -

Status.status

Back to ContainerInstance status

Field Description Type Required Default Enum
async Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first. object No - -
conditions - list[object] No - -
createdAt - string (date-time) No - -
deletedAt - string (date-time) No - -
message - string No - -
ocid - string No - -
opcRequestId OpcRequestID is the latest non-empty OCI request ID from a mutating OCI response or surfaced OCI service error that materially contributed to the current shared status projection. Headerless follow-up observations keep the last non-empty value intact. string No - -
reason - string No - -
requestedAt - string (date-time) No - -
updatedAt - string (date-time) No - -

Status.status.async

Back to ContainerInstance status

Async is the canonical controller-owned async contract. Resource-local legacy work-request fields may remain as compatibility mirrors while follow-on migrations land, but new async state should project here first.

Field Description Type Required Default Enum
current - object No - -

Status.status.async.current

Back to ContainerInstance status

Field Description Type Required Default Enum
message - string No - -
normalizedClass - string Yes - attention, canceled, failed, pending, succeeded, unknown
percentComplete - number No - -
phase - string Yes - create, delete, update
rawOperationType - string No - -
rawStatus - string No - -
source - string Yes - lifecycle, none, workrequest
updatedAt - string (date-time) Yes - -
workRequestId - string No - -

Status.status.conditions[]

Back to ContainerInstance status

Field Description Type Required Default Enum
lastTransitionTime - string (date-time) No - -
message - string No - -
reason - string No - -
status - string Yes - -
type - string Yes - -

Status.vnics[]

Back to ContainerInstance status

ContainerInstanceVnicObservedState defines nested fields for ContainerInstance.Vnic.

Field Description Type Required Default Enum
vnicId The identifier of the virtual network interface card (VNIC) over which the containers accessing this network can communicate with the larger virtual cloud network. string No - -

Status.volumes[]

Back to ContainerInstance status

ContainerInstanceVolumeObservedState defines nested fields for ContainerInstance.Volume.

Field Description Type Required Default Enum
backingStore The volume type of the empty directory, can be either File Storage or Memory. string No - -
configs Contains string key value pairs which can be mounted as individual files inside the container. The value needs to be base64 encoded. It is decoded to plain text before the mount. list[object] No - -
jsonData - string No - -
name The name of the volume. This must be unique within a single container instance. string No - -
volumeType - string No - -

Status.volumes[].configs[]

Back to ContainerInstance status

ContainerInstanceVolumeConfig defines nested fields for ContainerInstance.Volume.Config.

Field Description Type Required Default Enum
data The base64 encoded contents of the file. The contents are decoded to plain text before mounted as a file to a container inside container instance. string Yes - -
fileName The name of the file. The fileName should be unique across the volume. string Yes - -
path (Optional) Relative path for this file inside the volume mount directory. By default, the file is presented at the root of the volume mount path. string No - -