A JobDefinition is a managed resource that represents an AWS Batch JobDefinition.
Type
CRD
Group
batch.aws.crossplane.io
Version
v1alpha1
apiVersion: batch.aws.crossplane.io/v1alpha1
kind: JobDefinition
A JobDefinitionSpec defines the desired state of a JobDefinition.
JobDefinitionParameters define the desired state of a Batch JobDefinition
An object with various properties specific to single-node container-based jobs. If the job definition's type parameter is container, then you must specify either containerProperties or nodeProperties.
If the job runs on Fargate resources, then you must not specify nodeProperties; use only containerProperties.
The command that's passed to the container. This parameter maps to Cmd in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the COMMAND parameter to docker run (https://docs.docker.com/engine/reference/run/). For more information, see https://docs.docker.com/engine/reference/builder/#cmd (https://docs.docker.com/engine/reference/builder/#cmd).
The environment variables to pass to a container. This parameter maps to Env in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --env option to docker run (https://docs.docker.com/engine/reference/run/).
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Environment variables must not start with AWS_BATCH; this naming convention is reserved for variables that are set by the Batch service.
ExecutionRoleARNRef is a reference to an ARN of the IAM role used to set the ExecutionRoleARN.
Policies for referencing.
ExecutionRoleARNSelector selects references to an ARN of the IAM role used to set the ExecutionRoleARN.
Policies for selection.
The platform configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.
JobRoleARNRef is a reference to an ARN of the IAM role used to set the JobRoleARN.
Policies for referencing.
JobRoleARNSelector selects references to an ARN of the IAM role used to set the JobRoleARN.
Policies for selection.
Linux-specific modifications that are applied to the container, such as details for device mappings.
Any host devices to expose to the container. This parameter maps to Devices in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --device option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
The list of tmpfs volume mount options.
Valid values: "defaults" | "ro" | "rw" | "suid" | "nosuid" | "dev" | "nodev" | "exec" | "noexec" | "sync" | "async" | "dirsync" | "remount" | "mand" | "nomand" | "atime" | "noatime" | "diratime" | "nodiratime" | "bind" | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime" | "norelatime" | "strictatime" | "nostrictatime" | "mode" | "uid" | "gid" | "nr_inodes" | "nr_blocks" | "mpol"
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --log-driver option to docker run (https://docs.docker.com/engine/reference/run/). By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers (https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the Amazon Elastic Container Service Developer Guide.
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data (https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the Batch User Guide.
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --volume option to docker run (https://docs.docker.com/engine/reference/run/).
The network configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.
The type and amount of resources to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
The secrets for the container. For more information, see Specifying sensitive data (https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the Batch User Guide.
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --ulimit option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
A list of data volumes used in a job.
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
The authorization configuration details for the Amazon EFS file system.
AccessPointIDRef are references to AccessPoint used to set the AccessPointID.
Policies for referencing.
AccessPointIDSelector selects references to AccessPoint used to set the AccessPointID.
Policies for selection.
FileSystemIDRef are references to Filesystem used to set the FileSystemID.
Policies for referencing.
FileSystemIDSelector selects references to Filesystem used to set the FileSystemID.
Policies for selection.
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
An object with various properties specific to multi-node parallel jobs.
If the job runs on Fargate resources, then you must not specify nodeProperties; use containerProperties instead.
A list of node ranges and their properties associated with a multi-node parallel job.
NodeRangeProperties is a required field
The container details for the node range.
The command that's passed to the container. This parameter maps to Cmd in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the COMMAND parameter to docker run (https://docs.docker.com/engine/reference/run/). For more information, see https://docs.docker.com/engine/reference/builder/#cmd (https://docs.docker.com/engine/reference/builder/#cmd).
The environment variables to pass to a container. This parameter maps to Env in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --env option to docker run (https://docs.docker.com/engine/reference/run/).
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Environment variables must not start with AWS_BATCH; this naming convention is reserved for variables that are set by the Batch service.
ExecutionRoleARNRef is a reference to an ARN of the IAM role used to set the ExecutionRoleARN.
Policies for referencing.
ExecutionRoleARNSelector selects references to an ARN of the IAM role used to set the ExecutionRoleARN.
Policies for selection.
The platform configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.
JobRoleARNRef is a reference to an ARN of the IAM role used to set the JobRoleARN.
Policies for referencing.
JobRoleARNSelector selects references to an ARN of the IAM role used to set the JobRoleARN.
Policies for selection.
Linux-specific modifications that are applied to the container, such as details for device mappings.
Any host devices to expose to the container. This parameter maps to Devices in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --device option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
The list of tmpfs volume mount options.
Valid values: "defaults" | "ro" | "rw" | "suid" | "nosuid" | "dev" | "nodev" | "exec" | "noexec" | "sync" | "async" | "dirsync" | "remount" | "mand" | "nomand" | "atime" | "noatime" | "diratime" | "nodiratime" | "bind" | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime" | "norelatime" | "strictatime" | "nostrictatime" | "mode" | "uid" | "gid" | "nr_inodes" | "nr_blocks" | "mpol"
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --log-driver option to docker run (https://docs.docker.com/engine/reference/run/). By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers (https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.
Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration (https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the Amazon Elastic Container Service Developer Guide.
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data (https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the Batch User Guide.
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --volume option to docker run (https://docs.docker.com/engine/reference/run/).
The network configuration for jobs that are running on Fargate resources. Jobs that are running on EC2 resources must not specify this parameter.
The type and amount of resources to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
The secrets for the container. For more information, see Specifying sensitive data (https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the Batch User Guide.
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container (https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the Docker Remote API (https://docs.docker.com/engine/api/v1.23/) and the --ulimit option to docker run (https://docs.docker.com/engine/reference/run/).
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
A list of data volumes used in a job.
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
The authorization configuration details for the Amazon EFS file system.
AccessPointIDRef are references to AccessPoint used to set the AccessPointID.
Policies for referencing.
AccessPointIDSelector selects references to AccessPoint used to set the AccessPointID.
Policies for selection.
FileSystemIDRef are references to Filesystem used to set the FileSystemID.
Policies for referencing.
FileSystemIDSelector selects references to Filesystem used to set the FileSystemID.
Policies for selection.
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
The platform capabilities required by the job definition. If no value is specified, it defaults to EC2. To run the job on Fargate resources, specify FARGATE.
The retry strategy to use for failed jobs that are submitted with this job definition. Any retry strategy that's specified during a SubmitJob operation overrides the retry strategy defined here. If a job is terminated due to a timeout, it isn't retried.
Array of up to 5 objects that specify conditions under which the job should be retried or failed. If this parameter is specified, then the attempts parameter must also be specified.
The timeout configuration for jobs that are submitted with this job definition, after which Batch terminates your jobs if they have not finished. If a job is terminated due to a timeout, it isn't retried. The minimum value for the timeout is 60 seconds. Any timeout configuration that's specified during a SubmitJob operation overrides the timeout configuration defined here. For more information, see Job Timeouts (https://docs.aws.amazon.com/batch/latest/userguide/job_timeouts.html) in the Batch User Guide.
THIS IS A BETA FIELD. It is on by default but can be opted out through a Crossplane feature flag. ManagementPolicies specify the array of actions Crossplane is allowed to take on the managed and external resources. This field is planned to replace the DeletionPolicy field in a future release. Currently, both could be set independently and non-default values would be honored if the feature flag is enabled. If both are custom, the DeletionPolicy field will be ignored. See the design doc for more information: https://github.com/crossplane/crossplane/blob/499895a25d1a1a0ba1604944ef98ac7a1a71f197/design/design-doc-observe-only-resources.md?plain=1#L223 and this one: https://github.com/crossplane/crossplane/blob/444267e84783136daa93568b364a5f01228cacbe/design/one-pager-ignore-changes.md
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
A JobDefinitionStatus represents the observed state of a JobDefinition.
JobDefinitionObservation keeps the state for the external resource
Conditions of the resource.
example-multinode-jobdefinition
apiVersion: batch.aws.crossplane.io/v1alpha1
kind: JobDefinition
metadata:
name: example-multinode-jobdefinition
spec:
forProvider:
jobDefinitionType: multinode
nodeProperties:
mainNode: 0
nodeRangeProperties:
- container:
command:
- echo
- hello world
executionRoleARNRef:
name: ecs-task-execution-role
image: public.ecr.aws/amazonlinux/amazonlinux:latest
instanceType: m4.large
jobRoleARNRef:
name: ecs-task-execution-role
linuxParameters:
initProcessEnabled: true
maxSwap: 50
sharedMemorySize: 123
swappiness: 42
tmpfs:
- containerPath: /home/tmpfs/cpath
mountOptions:
- defaults
- async
size: 111
mountPoints:
- containerPath: /home/cpath
readOnly: true
sourceVolume: hostvolumeName
privileged: true
resourceRequirements:
- resourceType: VCPU
value: "1"
- resourceType: MEMORY
value: "1024"
ulimits:
- hardLimit: 69
name: nice
softLimit: 42
volumes:
- host:
sourcePath: /home/hPath
name: hostvolumeName
targetNodes: "0:"
numNodes: 1
propagateTags: true
region: us-east-1
retryStrategy:
attempts: 3
evaluateOnExit:
- action: exit
onExitCode: "3242"
onReason: didnotWork
onStatusReason: invalidSTHorso
tags:
jd: my-jobdefinition-ec2-multinode
other: bla
providerConfigRef:
name: example
example-jobdefinition
apiVersion: batch.aws.crossplane.io/v1alpha1
kind: JobDefinition
metadata:
name: example-jobdefinition
spec:
forProvider:
containerProperties:
command:
- echo
- hello world
executionRoleARNRef:
name: ecs-task-execution-role
fargatePlatformConfiguration:
platformVersion: 1.4.0
image: public.ecr.aws/amazonlinux/amazonlinux:latest
jobRoleARNRef:
name: ecs-task-execution-role
logConfiguration:
logDriver: awslogs
networkConfiguration:
assignPublicIp: ENABLED
readonlyRootFilesystem: true
resourceRequirements:
- resourceType: VCPU
value: "1"
- resourceType: MEMORY
value: "4096"
volumes:
- efsVolumeConfiguration:
authorizationConfig:
accessPointIdRef:
name: example
fileSystemIdRef:
name: example
rootDirectory: /
transitEncryption: ENABLED
name: efsvolumeName
jobDefinitionType: container
platformCapabilities:
- FARGATE
propagateTags: true
region: us-east-1
retryStrategy:
attempts: 3
evaluateOnExit:
- action: exit
onExitCode: "3242"
onReason: didnotWork
onStatusReason: invalidSTHorso
tags:
jd: my-jobdefinition-fargate
other: bla
timeout:
attemptDurationSeconds: 70
providerConfigRef:
name: example