From 1cfa8462f5d0c65897238d4e78ae143a3f609160 Mon Sep 17 00:00:00 2001
From: Victor Morales
Date: Wed, 28 Feb 2024 16:34:26 -0800
Subject: [PATCH 1/6] Enable update package util script
Signed-off-by: Victor Morales
---
.gitignore | 1 +
update_packages.sh | 62 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 63 insertions(+)
create mode 100644 .gitignore
create mode 100755 update_packages.sh
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e660fd9
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+bin/
diff --git a/update_packages.sh b/update_packages.sh
new file mode 100755
index 0000000..e6b5eda
--- /dev/null
+++ b/update_packages.sh
@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+# SPDX-license-identifier: Apache-2.0
+##############################################################################
+# Copyright (c) 2024 The Nephio Authors.
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+##############################################################################
+
+set -o pipefail
+set -o errexit
+set -o nounset
+[[ ${DEBUG:-false} != "true" ]] || set -o xtrace
+
+function get_github_latest_release {
+ version=""
+ attempt_counter=0
+ max_attempts=5
+
+ until [ "$version" ]; do
+ url_effective=$(curl -sL -o /dev/null -w '%{url_effective}' "https://github.com/$1/releases/latest")
+ if [ "$url_effective" ]; then
+ version="${url_effective##*/}"
+ break
+ elif [ ${attempt_counter} -eq ${max_attempts} ]; then
+ echo "Max attempts reached"
+ exit 1
+ fi
+ attempt_counter=$((attempt_counter + 1))
+ sleep $((attempt_counter * 2))
+ done
+ echo "${version#v}"
+}
+
+# cert-manager
+CERT_MANAGER_VERSION="v$(get_github_latest_release cert-manager/cert-manager)"
+curl -sL -o ./distros/sandbox/cert-manager/cert-manager.yaml "https://github.com/cert-manager/cert-manager/releases/download/$CERT_MANAGER_VERSION/cert-manager.yaml"
+
+# cluster-api
+CLUSTER_API_VERSION="v$(get_github_latest_release kubernetes-sigs/cluster-api)"
+OS="$(uname | tr '[:upper:]' '[:lower:]')"
+ARCH="$(uname -m | sed -e 's/x86_64/amd64/' -e 's/\(arm\)\(64\)\?.*/\1\2/' -e 's/aarch64$/arm64/')"
+CLUSTERCMD_PATH="$(pwd)/bin/clusterctl"
+export CLUSTER_TOPOLOGY=true
+export GOPROXY=off
+
+if [ ! -f "$CLUSTERCMD_PATH" ] || [ "$("$CLUSTERCMD_PATH" version -o short)" != "$CLUSTER_API_VERSION" ]; then
+ mkdir -p "$(dirname "$CLUSTERCMD_PATH")"
+ curl -sL -o ./bin/clusterctl "https://github.com/kubernetes-sigs/cluster-api/releases/download/$CLUSTER_API_VERSION/clusterctl-$OS-$ARCH"
+ chmod +x ./bin/clusterctl
+fi
+
+"$CLUSTERCMD_PATH" generate provider --core cluster-api --write-to ./infra/capi/cluster-capi/cluster-api-core.yaml
+"$CLUSTERCMD_PATH" generate provider --bootstrap kubeadm --write-to ./infra/capi/cluster-capi/cluster-api-bootstrap.yaml
+"$CLUSTERCMD_PATH" generate provider --control-plane kubeadm --write-to ./infra/capi/cluster-capi/cluster-api-control-plane.yaml
+"$CLUSTERCMD_PATH" generate provider --infrastructure docker --write-to ./infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml
+
+# Multus
+multus_version="v$(get_github_latest_release k8snetworkplumbingwg/multus-cni)"
+curl -sL -o multus/multus-daemonset-thick.yml "https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/$multus_version/deployments/multus-daemonset-thick.yml"
+sed -i "s/snapshot-thick/$multus_version-thick/g" ./infra/capi/multus/multus-daemonset-thick.yml
From c0bf8ee4f44f8d27a399f5342e0edba21f4e93ac Mon Sep 17 00:00:00 2001
From: Victor Morales
Date: Wed, 28 Feb 2024 16:35:05 -0800
Subject: [PATCH 2/6] Bump cert-manager version to 1.14.3
Signed-off-by: Victor Morales
---
.../sandbox/cert-manager/cert-manager.yaml | 454 +++++++++++++-----
1 file changed, 334 insertions(+), 120 deletions(-)
diff --git a/distros/sandbox/cert-manager/cert-manager.yaml b/distros/sandbox/cert-manager/cert-manager.yaml
index 15f67a1..88c6fee 100644
--- a/distros/sandbox/cert-manager/cert-manager.yaml
+++ b/distros/sandbox/cert-manager/cert-manager.yaml
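Review bot: In update_packages.sh the clusterctl download inside the `if [ ! -f "$CLUSTERCMD_PATH" ]` branch is made executable and run with no integrity check, and every `curl -sL` in the script omits `--fail`, so an HTTP error body or a tampered asset can end up as `./bin/clusterctl` or be written into `cert-manager.yaml` and committed. Use `curl -fsSL` for all four downloads and verify the binary before `chmod +x`, for example `echo "<EXPECTED_SHA256>  ./bin/clusterctl" | sha256sum --check -` with the digest pinned in the repository (placeholder shown). Because each version is resolved from `releases/latest` at run time, the generated manifests also depend on whatever upstream published that day; taking the versions from variables that a reviewer bumps deliberately would make each update auditable. Separately, the Multus step downloads to `multus/multus-daemonset-thick.yml` while `sed -i` edits `./infra/capi/multus/multus-daemonset-thick.yml`, so the two commands appear to target different files.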
@@ -27,7 +27,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: cert-manager.io names: @@ -225,7 +225,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: cert-manager.io names: 
@@ -387,9 +387,83 @@ spec: name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string + profile: + description: "Profile specifies the key and certificate encryption algorithms and the HMAC algorithm used to create the PKCS12 keystore. Default value is `LegacyRC2` for backward compatibility. \n If provided, allowed values are: `LegacyRC2`: Deprecated. Not supported by default in OpenSSL 3 or Java 20. `LegacyDES`: Less secure algorithm. Use this option for maximal compatibility. `Modern2023`: Secure algorithm. Use this option in case you have to always use secure algorithms (eg. because of company policy). Please note that the security of the algorithm is not that important in reality, because the unencrypted certificate and private key are also stored in the Secret." + type: string + enum: + - LegacyRC2 + - LegacyDES + - Modern2023 literalSubject: description: "Requested X.509 certificate subject, represented using the LDAP \"String Representation of a Distinguished Name\" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: `CN=foo,DC=corp,DC=example,DC=com` More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424 \n Cannot be set if the `subject` or `commonName` field is set. This is an Alpha Feature and is only enabled with the `--feature-gates=LiteralCertificateSubject=true` option set on both the controller and webhook components." type: string + nameConstraints: + description: "x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. 
More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10 \n This is an Alpha Feature and is only enabled with the `--feature-gates=NameConstraints=true` option set on both the controller and webhook components." + type: object + properties: + critical: + description: if true then the name constraints are marked critical. + type: boolean + excluded: + description: Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + permitted: + description: Permitted contains the constraints in which the names must be located. + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + otherNames: + description: '`otherNames` is an escape hatch for SAN that allows any type. 
We currently restrict the support to string like otherNames, cf RFC 5280 p 37 Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for `otherName`. Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this.' + type: array + items: + type: object + properties: + oid: + description: OID is the object identifier for the otherName SAN. The object identifier must be expressed as a dotted string, for example, "1.2.840.113556.1.4.221". + type: string + utf8Value: + description: utf8Value is the string value of the otherName SAN. The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN. + type: string privateKey: description: Private key options. These include the key algorithm and size, the used encoding and the rotation policy. type: object @@ -596,7 +670,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: acme.cert-manager.io names: @@ -761,10 +835,10 @@ spec: - subscriptionID properties: clientID: - description: if both this and ClientSecret are left unset MSI will be used + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' type: string clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' type: object required: - name 
@@ -787,14 +861,14 @@ spec: description: name of the DNS zone that should be used type: string managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' type: object properties: clientID: description: client ID of the managed identity, can not be used at the same time as resourceID type: string resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity type: string resourceGroupName: description: resource group the DNS zone is located in @@ -803,7 +877,7 @@ spec: description: ID of the Azure subscription type: string tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' type: string cloudDNS: description: Use the Google Cloud DNS API to manage DNS01 challenge records. 
@@ -1009,13 +1083,13 @@ spec: maxLength: 253 minLength: 1 namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. 
\n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" type: string maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + description: "Port is the network port this Route targets. 
It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " type: integer format: int32 maximum: 65535 @@ -1229,7 +1303,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -1259,6 +1333,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -1312,7 +1398,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -1342,6 +1428,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -1402,7 +1500,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -1432,6 +1530,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -1485,7 +1595,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -1515,6 +1625,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -1674,7 +1796,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: cert-manager.io names: @@ -1878,10 +2000,10 @@ spec: - subscriptionID properties: clientID: - description: if both this and ClientSecret are left unset MSI will be used + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' type: string clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' type: object required: - name @@ -1904,14 +2026,14 @@ spec: description: name of the DNS zone that should be used type: string managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' type: object properties: clientID: description: client ID of the managed identity, can not be used at the same time as resourceID type: string resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity type: string resourceGroupName: description: resource group the DNS zone is located in 
@@ -1920,7 +2042,7 @@ spec: description: ID of the Azure subscription type: string tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' type: string cloudDNS: description: Use the Google Cloud DNS API to manage DNS01 challenge records. 
@@ -2126,13 +2248,13 @@ spec: maxLength: 253 minLength: 1 namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. 
\n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" type: string maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + description: "Port is the network port this Route targets. 
It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " type: integer format: int32 maximum: 65535 @@ -2346,7 +2468,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -2376,6 +2498,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -2429,7 +2563,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -2459,6 +2593,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -2519,7 +2665,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -2549,6 +2695,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -2602,7 +2760,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -2632,6 +2790,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -2749,6 +2919,11 @@ spec: type: array items: type: string + issuingCertificateURLs: + description: IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. As an example, such a URL might be "http://ca.domain.com/ca.crt". + type: array + items: + type: string ocspServers: description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". type: array @@ -2994,7 +3169,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: cert-manager.io names: @@ -3198,10 +3373,10 @@ spec: - subscriptionID properties: clientID: - description: if both this and ClientSecret are left unset MSI will be used + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' type: string clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' type: object required: - name 
@@ -3224,14 +3399,14 @@ spec: description: name of the DNS zone that should be used type: string managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' type: object properties: clientID: description: client ID of the managed identity, can not be used at the same time as resourceID type: string resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity type: string resourceGroupName: description: resource group the DNS zone is located in @@ -3240,7 +3415,7 @@ spec: description: ID of the Azure subscription type: string tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' type: string cloudDNS: description: Use the Google Cloud DNS API to manage DNS01 challenge records. 
@@ -3446,13 +3621,13 @@ spec: maxLength: 253 minLength: 1 namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. 
\n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" type: string maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + description: "Port is the network port this Route targets. 
It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " type: integer format: int32 maximum: 65535 @@ -3666,7 +3841,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -3696,6 +3871,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -3749,7 +3936,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -3779,6 +3966,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -3839,7 +4038,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -3869,6 +4068,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -3922,7 +4133,7 @@ spec: - topologyKey properties: labelSelector: - description: A label query over a set of resources, in this case pods. + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. type: object properties: matchExpressions: 
@@ -3952,6 +4163,18 @@ spec: additionalProperties: type: string x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic namespaceSelector: description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". 
An empty selector ({}) matches all namespaces. type: object @@ -4069,6 +4292,11 @@ spec: type: array items: type: string + issuingCertificateURLs: + description: IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. As an example, such a URL might be "http://ca.domain.com/ca.crt". + type: array + items: + type: string ocspServers: description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". type: array @@ -4314,7 +4542,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: group: acme.cert-manager.io names: @@ -4498,7 +4726,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" --- # Source: cert-manager/templates/serviceaccount.yaml apiVersion: v1 @@ -4512,7 +4740,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" --- # Source: cert-manager/templates/webhook-serviceaccount.yaml apiVersion: v1 
@@ -4526,35 +4754,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" ---- -# Source: cert-manager/templates/controller-config.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cert-manager - namespace: cert-manager - labels: - app: cert-manager - app.kubernetes.io/name: cert-manager - app.kubernetes.io/instance: cert-manager - app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" -data: ---- -# Source: cert-manager/templates/webhook-config.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: cert-manager-webhook - namespace: cert-manager - labels: - app: webhook - app.kubernetes.io/name: webhook - app.kubernetes.io/instance: cert-manager - app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" -data: + app.kubernetes.io/version: "v1.14.3" --- # Source: cert-manager/templates/cainjector-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -4566,7 +4766,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates"] @@ -4598,7 +4798,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] @@ -4624,7 +4824,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] 
@@ -4650,7 +4850,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] @@ -4685,7 +4885,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] @@ -4723,7 +4923,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: # Use to update challenge resource status - apiGroups: ["acme.cert-manager.io"] @@ -4783,7 +4983,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests"] @@ -4820,7 +5020,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" rules: - apiGroups: ["cert-manager.io"] 
@@ -4837,7 +5037,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" @@ -4860,7 +5060,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: @@ -4885,7 +5085,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["cert-manager.io"] resources: ["signers"] @@ -4905,7 +5105,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["certificates.k8s.io"] resources: ["certificatesigningrequests"] @@ -4931,7 +5131,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["authorization.k8s.io"] resources: ["subjectaccessreviews"] @@ -4947,7 +5147,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole 
@@ -4967,7 +5167,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -4987,7 +5187,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5007,7 +5207,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5027,7 +5227,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5047,7 +5247,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5067,7 +5267,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole 
@@ -5087,7 +5287,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5107,7 +5307,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5127,7 +5327,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5150,7 +5350,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: # Used for leader election by the controller # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller @@ -5176,7 +5376,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: ["coordination.k8s.io"] resources: ["leases"] @@ -5197,7 +5397,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" rules: - apiGroups: [""] resources: ["secrets"] 
@@ -5222,7 +5422,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5245,7 +5445,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5267,7 +5467,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5289,7 +5489,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: type: ClusterIP ports: @@ -5313,7 +5513,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: type: ClusterIP ports: @@ -5337,7 +5537,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: replicas: 1 selector: @@ -5352,7 +5552,7 @@ spec: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: serviceAccountName: cert-manager-cainjector enableServiceLinks: false 
@@ -5362,7 +5562,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-cainjector - image: "quay.io/jetstack/cert-manager-cainjector:v1.13.2" + image: "quay.io/jetstack/cert-manager-cainjector:v1.14.3" imagePullPolicy: IfNotPresent args: - --v=2 @@ -5377,6 +5577,7 @@ spec: capabilities: drop: - ALL + readOnlyRootFilesystem: true nodeSelector: kubernetes.io/os: linux --- @@ -5391,7 +5592,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: replicas: 1 selector: @@ -5406,7 +5607,7 @@ spec: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" annotations: prometheus.io/path: "/metrics" prometheus.io/scrape: 'true' @@ -5420,13 +5621,13 @@ spec: type: RuntimeDefault containers: - name: cert-manager-controller - image: "quay.io/jetstack/cert-manager-controller:v1.13.2" + image: "quay.io/jetstack/cert-manager-controller:v1.14.3" imagePullPolicy: IfNotPresent args: - --v=2 - --cluster-resource-namespace=$(POD_NAMESPACE) - --leader-election-namespace=kube-system - - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.13.2 + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.3 - --max-concurrent-challenges=60 ports: - containerPort: 9402 
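Review bot: The controller image and the `--acme-http01-solver-image` argument in the last hunk above are still referenced by tag only (`quay.io/jetstack/cert-manager-controller:v1.14.3`). Combined with `imagePullPolicy: IfNotPresent`, a node that already caches the tag and a freshly provisioned node can run different content if the tag is ever re-pointed in the registry. Pinning by digest removes that ambiguity, e.g. `image: "quay.io/jetstack/cert-manager-controller:v1.14.3@sha256:<digest-of-released-image>"` (placeholder; take the value from the release's published artifacts). The same applies to the cainjector image in the earlier hunk and the webhook image in a later one. The `# Source: cert-manager/templates/...` comments suggest this manifest is rendered upstream, so the pin would presumably belong in whatever step regenerates the file, or in an admission policy, rather than in a hand edit here.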
@@ -5440,11 +5641,25 @@ spec: capabilities: drop: - ALL + readOnlyRootFilesystem: true env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace + # LivenessProbe settings are based on those used for the Kubernetes + # controller-manager. See: + # https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 + livenessProbe: + httpGet: + port: http-healthz + path: /livez + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 8 nodeSelector: kubernetes.io/os: linux --- @@ -5459,7 +5674,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: replicas: 1 selector: @@ -5474,7 +5689,7 @@ spec: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" spec: serviceAccountName: cert-manager-webhook enableServiceLinks: false @@ -5484,7 +5699,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-webhook - image: "quay.io/jetstack/cert-manager-webhook:v1.13.2" + image: "quay.io/jetstack/cert-manager-webhook:v1.14.3" imagePullPolicy: IfNotPresent args: - --v=2 @@ -5527,6 +5742,7 @@ spec: capabilities: drop: - ALL + readOnlyRootFilesystem: true env: - name: POD_NAMESPACE valueFrom: @@ -5545,7 +5761,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: 
@@ -5553,20 +5769,18 @@ webhooks: rules: - apiGroups: - "cert-manager.io" - - "acme.cert-manager.io" apiVersions: - "v1" operations: - CREATE - - UPDATE resources: - - "*/*" + - "certificaterequests" admissionReviewVersions: ["v1"] # This webhook only accepts v1 cert-manager resources. # Equivalent matchPolicy ensures that non-v1 resource requests are sent to # this webhook (after the resources have been converted to v1). matchPolicy: Equivalent - timeoutSeconds: 10 + timeoutSeconds: 30 failurePolicy: Fail # Only include 'sideEffects' field in Kubernetes 1.12+ sideEffects: None @@ -5586,15 +5800,15 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.13.2" + app.kubernetes.io/version: "v1.14.3" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: - name: webhook.cert-manager.io namespaceSelector: matchExpressions: - - key: "cert-manager.io/disable-validation" - operator: "NotIn" + - key: cert-manager.io/disable-validation + operator: NotIn values: - "true" rules: @@ -5613,7 +5827,7 @@ webhooks: # Equivalent matchPolicy ensures that non-v1 resource requests are sent to # this webhook (after the resources have been converted to v1). matchPolicy: Equivalent - timeoutSeconds: 10 + timeoutSeconds: 30 failurePolicy: Fail sideEffects: None clientConfig: From e85ffa6390ae771bd70b55cd2d5e380b129df6ad Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Wed, 28 Feb 2024 16:37:30 -0800 Subject: [PATCH 3/6] Bump Cluster API version to 1.6.2 Signed-off-by: Victor Morales --- .../cluster-api-infrastructure-docker.yaml | 710 +- .../cluster-capi/cluster-api-bootstrap.yaml | 2412 ++++- .../cluster-api-control-plane.yaml | 1176 +- infra/capi/cluster-capi/cluster-api-core.yaml | 9596 +++++++++++------ 4 files changed, 10079 insertions(+), 3815 deletions(-) 
diff --git a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml index a054341..7ba8539 100644 --- a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml +++ b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml 
@@ -46,6 +46,146 @@ spec: singular: dockercluster scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: + This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: Host is the hostname on which the API server is serving. + type: string + port: + description: Port is the port on which the API server is serving. + type: integer + required: + - host + - port + type: object + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. 
+ type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains are not usulaly defined on the spec. The + docker provider is special since failure domains don't mean anything + in a local docker environment. Instead, the docker cluster controller + will simply copy these into the Status and allow the Cluster API + controllers to do what they will with the defined failure domains. + type: object + type: object + status: + description: DockerClusterStatus defines the observed state of DockerCluster. + properties: + conditions: + description: Conditions defines current service state of the DockerCluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
+ Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains don't mean much in CAPD since it's all + local, but we can see how the rest of cluster API will use this + if we populate it. + type: object + ready: + description: Ready denotes that the docker cluster (infrastructure) + is ready. + type: boolean + required: + - ready + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of DockerCluster jsonPath: .metadata.creationTimestamp @@ -725,13 +865,8 @@ spec: singular: dockermachinepool scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 + - deprecated: true + name: v1alpha3 schema: openAPIV3Schema: description: "DockerMachinePool is the Schema for the dockermachinepools API. 
@@ -916,10 +1051,12 @@ spec: jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1beta1 + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: DockerMachinePool is the Schema for the dockermachinepools API. + description: "DockerMachinePool is the Schema for the dockermachinepools API. + \n Deprecated: This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -1026,15 +1163,10 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object type: array - infrastructureMachineKind: - description: InfrastructureMachineKind is the kind of the infrastructure - resources behind MachinePool Machines. - type: string instances: description: Instances contains the status for each instance in the pool @@ -1053,8 +1185,8 @@ spec: description: The machine address. type: string type: - description: Machine address type, one of Hostname, ExternalIP, - InternalIP, ExternalDNS or InternalDNS. + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. type: string required: - address @@ -1062,10 +1194,8 @@ spec: type: object type: array bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field - will be removed in the next apiVersion. When removing also - remove from staticcheck exclude-rules for SA1019 in golangci.yml" + description: Bootstrapped is true when the kubeadm bootstrapping + has been run against this machine type: boolean instanceName: description: InstanceName is the identification of the Machine 
@@ -1098,63 +1228,19 @@ spec: type: integer type: object type: object - served: true - storage: true + served: false + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 - cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" - name: dockermachinepooltemplates.infrastructure.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capd-webhook-service - namespace: capd-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: DockerMachinePoolTemplate - listKind: DockerMachinePoolTemplateList - plural: dockermachinepooltemplates - singular: dockermachinepooltemplate - scope: Namespaced - versions: - additionalPrinterColumns: - - description: Time duration since creation of DockerMachinePoolTemplate + - description: Time duration since creation of DockerMachinePool jsonPath: .metadata.creationTimestamp name: Age type: date name: v1beta1 schema: openAPIV3Schema: - description: DockerMachinePoolTemplate is the Schema for the dockermachinepooltemplates - API. + description: DockerMachinePool is the Schema for the dockermachinepools API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -1169,23 +1255,258 @@ spec: metadata: type: object spec: - description: DockerMachinePoolTemplateSpec defines the desired state of - DockerMachinePoolTemplate. + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool + type: string + providerIDList: + description: ProviderIDList is the list of identification IDs of machine + instances managed by this Machine Pool + items: + type: string + type: array template: - description: DockerMachinePoolTemplateResource describes the data - needed to create a DockerMachine from a template. + description: Template contains the details used to build a replica + machine within the Machine Pool properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + customImage: + description: CustomImage allows customizing the container image + that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for + the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: + hostPath: + description: Path of the mount on the host. If the hostPath + doesn't exist, then runtimes should report error. If the + hostpath is a symbolic link, runtimes should follow the + symlink and mount the real destination to container. 
+ type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly + created machine. This can be used to speed up tests by avoiding + e.g. to download CNI images on all the containers. + items: + type: string + type: array + type: object + type: object + status: + description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. + properties: + conditions: + description: Conditions defines current service state of the DockerMachinePool. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + infrastructureMachineKind: + description: InfrastructureMachineKind is the kind of the infrastructure + resources behind MachinePool Machines. + type: string + instances: + description: Instances contains the status for each instance in the + pool + items: + description: DockerMachinePoolInstanceStatus contains status information + about a DockerMachinePool. + properties: + addresses: + description: Addresses contains the associated addresses for + the docker machine. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + bootstrapped: + description: "Bootstrapped is true when the kubeadm bootstrapping + has been run against this machine \n Deprecated: This field + will be removed in the next apiVersion. When removing also + remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + instanceName: + description: InstanceName is the identification of the Machine + Instance within the Machine Pool + type: string + providerID: + description: ProviderID is the provider identification of the + Machine Pool Instance + type: string + ready: + description: Ready denotes that the machine (docker container) + is ready + type: boolean + version: + description: Version defines the Kubernetes version for the + Machine Instance + type: string + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + ready: + description: Ready denotes that the machine pool is ready + type: boolean + replicas: + description: Replicas is the most recently observed number of replicas. 
+ format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capd-system/capd-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-docker + cluster.x-k8s.io/v1alpha4: v1alpha4 + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: dockermachinepooltemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capd-webhook-service + namespace: capd-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: DockerMachinePoolTemplate + listKind: DockerMachinePoolTemplateList + plural: dockermachinepooltemplates + singular: dockermachinepooltemplate + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachinePoolTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerMachinePoolTemplate is the Schema for the dockermachinepooltemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachinePoolTemplateSpec defines the desired state of + DockerMachinePoolTemplate. + properties: + template: + description: DockerMachinePoolTemplateResource describes the data + needed to create a DockerMachine from a template. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' type: object labels: 
@@ -1305,6 +1626,149 @@ spec: singular: dockermachine scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: + This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineSpec defines the desired state of DockerMachine. + properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has + been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container image that + is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the + node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. + This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath + doesn't exist, then runtimes should report error. 
If the hostpath + is a symbolic link, runtimes should follow the symlink and + mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created + machine. This can be used to speed up tests by avoiding e.g. to + download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format + (docker:////) + type: string + type: object + status: + description: DockerMachineStatus defines the observed state of DockerMachine. + properties: + addresses: + description: Addresses contains the associated addresses for the docker + machine. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines current service state of the DockerMachine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. 
+ type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + loadBalancerConfigured: + description: LoadBalancerConfigured denotes that the machine has been + added to the load balancer + type: boolean + ready: + description: Ready denotes that the machine (docker container) is + ready + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of DockerMachine jsonPath: .metadata.creationTimestamp 
@@ -1661,6 +2125,88 @@ spec: singular: dockermachinetemplate scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerMachineTemplate is the Schema for the dockermachinetemplates + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. + properties: + template: + description: DockerMachineTemplateResource describes the data needed + to create a DockerMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the machine. + properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping + has been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container + image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points + for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into + a container. This is a simplified version of kind v1alpha4.Mount + types. 
+ properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath + doesn't exist, then runtimes should report error. + If the hostpath is a symbolic link, runtimes should + follow the symlink and mount the real destination + to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a + newly created machine. This can be used to speed up tests + by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID + format (docker:////) + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false - additionalPrinterColumns: - description: Time duration since creation of DockerMachineTemplate jsonPath: .metadata.creationTimestamp @@ -2125,7 +2671,7 @@ spec: fieldRef: fieldPath: metadata.uid - name: DOCKER_HOST - image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.0 + image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml index 3eb46e0..df30fef 100644 --- a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml +++ b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml 
@@ -43,13 +43,8 @@ spec: singular: kubeadmconfig scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmConfig - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 + - deprecated: true + name: v1alpha3 schema: openAPIV3Schema: description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: @@ -215,6 +210,9 @@ spec: In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string + type: + description: Type defines the DNS add-on to be used + type: string type: object etcd: description: 'Etcd holds configuration for etcd. NB: This value @@ -296,12 +294,12 @@ spec: type: object imageRepository: description: ImageRepository sets the container registry to pull - images from. If empty, `registry.k8s.io` will be used by default; + images from. If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for - kube-proxy, while `registry.k8s.io` will be used for all the - other images. + kube-proxy, while `k8s.gcr.io` will be used for all the other + images. type: string kind: description: 'Kind is a string value representing the REST resource @@ -378,6 +376,11 @@ spec: type: object type: array type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should be + used for Kubernetes components instead of their respective separate + images + type: boolean type: object diskSetup: description: DiskSetup specifies options for the creation of partition @@ -603,6 +606,9 @@ spec: to bind to. Defaults to 6443. format: int32 type: integer + required: + - advertiseAddress + - bindPort type: object nodeRegistration: description: NodeRegistration holds fields that relate to registering 
@@ -615,12 +621,6 @@ spec: info. This information will be annotated to the Node API object, for later re-use type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array kubeletExtraArgs: additionalProperties: type: string @@ -712,6 +712,9 @@ spec: Server to bind to. Defaults to 6443. format: int32 type: integer + required: + - advertiseAddress + - bindPort type: object type: object discovery: @@ -755,6 +758,7 @@ spec: type: boolean required: - token + - unsafeSkipCAVerification type: object file: description: File is used to specify a file or URL to a kubeconfig @@ -773,11 +777,12 @@ spec: description: Timeout modifies the discovery timeout type: string tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS bootstrapping. + description: 'TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any - other authentication information + other authentication information TODO: revisit when there + is defaulting from k/k' type: string type: object kind: @@ -797,12 +802,6 @@ spec: info. This information will be annotated to the Node API object, for later re-use type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array kubeletExtraArgs: additionalProperties: type: string 
@@ -960,6 +959,11 @@ spec: status: description: KubeadmConfigStatus defines the observed state of KubeadmConfig. properties: + bootstrapData: + description: "BootstrapData will be a cloud-init script for now. \n + Deprecated: Switch to DataSecretName." + format: byte + type: string conditions: description: Conditions defines current service state of the KubeadmConfig. items: @@ -1030,18 +1034,16 @@ spec: subresources: status: {} - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - description: Time duration since creation of KubeadmConfig jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1beta1 + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: KubeadmConfig is the Schema for the kubeadmconfigs API. + description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: + This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -1283,19 +1285,13 @@ spec: description: FeatureGates enabled by the user. type: object imageRepository: - description: 'ImageRepository sets the container registry to pull - images from. * If not set, the default registry of kubeadm will - be used, i.e. * registry.k8s.io (new registry): >= v1.22.17, - >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): - all older versions Please note that when imageRepository is - not set we don''t allow upgrades to versions >= v1.22.0 which - use the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead (i.e. >= v1.22.17, >= - v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI - build (kubernetes version starts with `ci/` or `ci-cross/`) - `gcr.io/k8s-staging-ci-images` will be used as a default for - control plane components and for kube-proxy, while `registry.k8s.io` - will be used for all the other images.' + description: ImageRepository sets the container registry to pull + images from. If empty, `registry.k8s.io` will be used by default; + in case of kubernetes version is a CI build (kubernetes version + starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` + will be used as a default for control plane components and for + kube-proxy, while `registry.k8s.io` will be used for all the + other images. type: string kind: description: 'Kind is a string value representing the REST resource @@ -1460,10 +1456,6 @@ spec: description: File defines the input for generating write_files in cloud-init. properties: - append: - description: Append specifies whether to append Content to existing - file if Path exists. - type: boolean content: description: Content is the actual content of the file. type: string 
@@ -1517,26 +1509,7 @@ spec: description: Format specifies the output format of the bootstrap data enum: - cloud-config - - ignition type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific configuration. - properties: - additionalConfig: - description: "AdditionalConfig contains additional configuration - to be merged with the Ignition configuration generated by - the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig should be - strictly parsed. If so, warnings are treated as errors. - type: boolean - type: object - type: object initConfiguration: description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command @@ -1638,17 +1611,6 @@ spec: items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never - type: string kubeletExtraArgs: additionalProperties: type: string @@ -1674,7 +1636,7 @@ spec: nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. + field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: description: The node this Taint is attached to has the 
@@ -1705,35 +1667,6 @@ spec: type: object type: array type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm init". The - minimum kubernetes version needed to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. - type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array type: object joinConfiguration: description: JoinConfiguration is the kubeadm configuration for the @@ -1860,17 +1793,6 @@ spec: items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never - type: string kubeletExtraArgs: additionalProperties: type: string 
@@ -1896,7 +1818,7 @@ spec: nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. + field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: description: The node this Taint is attached to has the @@ -1927,35 +1849,6 @@ spec: type: object type: array type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm join". The - minimum kubernetes version needed to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. - type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array type: object mounts: description: Mounts specifies a list of mount points to be setup. 
@@ -1996,10 +1889,7 @@ spec: joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed and this - field will be removed in a future release. When removing also remove - from staticcheck exclude-rules for SA1019 in golangci.yml" + refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." type: boolean users: description: Users specifies extra users to add @@ -2031,29 +1921,6 @@ spec: passwd: description: Passwd specifies a hashed password for the user type: string - passwdFrom: - description: PasswdFrom is a referenced source of passwd to - populate the passwd. - properties: - secret: - description: Secret represents a secret that should populate - this password. - properties: - key: - description: Key is the key in the secret's data map - for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. - type: string - required: - - key - - name - type: object - required: - - secret - type: object primaryGroup: description: PrimaryGroup specifies the primary group for the user @@ -2123,7 +1990,6 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object 
@@ -2149,53 +2015,2155 @@ spec: type: boolean type: object type: object - served: true - storage: true + served: false + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: bootstrap-kubeadm - cluster.x-k8s.io/v1alpha4: v1alpha4 - cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" - name: kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: bootstrap.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: KubeadmConfigTemplate - listKind: KubeadmConfigTemplateList - plural: kubeadmconfigtemplates - singular: kubeadmconfigtemplate - scope: Namespaced - versions: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: Time duration since creation of KubeadmConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmConfig is the Schema for the kubeadmconfigs API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be defined + or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are + the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server + control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names + for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to + the control plane component. TODO: This is temporary and + ideally we would like to switch all components to use ComponentConfig + + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will + be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that + we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look + for all required certificates. NB: if not provided, this will + default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or + DNS name for the control plane; it can be a valid IP address + or a RFC-1123 DNS subdomain, both with optional TCP port. In + case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + + BindPort are used; in case the ControlPlaneEndpoint is specified + but without a TCP port, the BindPort is used. Possible usages + are: e.g. In a cluster with more than one control plane instances, + this field should be assigned the address of the external load + balancer in front of the control plane instances. e.g. in environments + with enforced node recycling, the ControlPlaneEndpoint could + be used for assigning a stable DNS to the control plane. NB: + This value defaults to the first value in the Cluster object + status.apiEndpoints array.' 
+ type: string + controllerManager: + description: ControllerManager contains extra settings for the + controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to + the control plane component. TODO: This is temporary and + ideally we would like to switch all components to use ComponentConfig + + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will + be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed + in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to + pull images from. if not set, the ImageRepository defined + in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the image. + In case this value is set, kubeadm does not change automatically + the version of the above components during upgrades. + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. 
NB: This value + defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external + etcd cluster Local and External are mutually exclusive + properties: + caFile: + description: CAFile is an SSL Certificate Authority file + used to secure etcd communication. Required if using + a TLS connection. + type: string + certFile: + description: CertFile is an SSL certification file used + to secure etcd communication. Required if using a TLS + connection. + type: string + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure + etcd communication. Required if using a TLS connection. + type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: Local provides configuration knobs for configuring + the local etcd instance Local and External are mutually + exclusive + properties: + dataDir: + description: DataDir is the directory etcd will place + its data. Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to + the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry + to pull images from. if not set, the ImageRepository + defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the + image. In case this value is set, kubeadm does not change + automatically the version of the above components during + upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. 
+ items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative + Names for the etcd server signing cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: 'ImageRepository sets the container registry to pull + images from. * If not set, the default registry of kubeadm will + be used, i.e. * registry.k8s.io (new registry): >= v1.22.17, + >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): + all older versions Please note that when imageRepository is + not set we don''t allow upgrades to versions >= v1.22.0 which + use the old registry (k8s.gcr.io). Please use a newer patch + version with the new registry instead (i.e. >= v1.22.17, >= + v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI + build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default for + control plane components and for kube-proxy, while `registry.k8s.io` + will be used for all the other images.' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control + plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking + topology of the cluster. NB: This value defaults to the Cluster + object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. 
+ Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, + the API server will not allocate CIDR ranges for every node. + Defaults to a comma-delimited string of the Cluster object's + spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. + Defaults to a comma-delimited string of the Cluster object's + spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" + if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler + control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to + the control plane component. TODO: This is temporary and + ideally we would like to switch all components to use ComponentConfig + + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will + be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where + hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition + tables and file systems on devices. 
+ properties: + filesystems: + description: Filesystems specifies the list of file systems to + setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to add to the + command for creating the file system. + items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be + used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite + any existing filesystem. If true, any pre-existing file + system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. + The valid options are: "auto|any", "auto", "any", "none", + and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for + Microsoft Azure that instructs cloud-init to replace a + file system of . NOTE: unless you define a label, + this requires the use of the ''any'' partition directive.' + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions to + setup. + items: + description: Partition defines how to create and layout a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: Layout specifies the device layout. If it is + true, a single partition will be created for the entire + device. When layout is false, it means don't partition + or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks + and create the partition if a partition or filesystem + is found on the device. 
Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition + table. The following are supported: ''mbr'': default and + setups a MS-DOS partition table ''gpt'': setups a GPT + partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files in + cloud-init. + properties: + append: + description: Append specifies whether to append Content to existing + file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to + populate the file. + properties: + secret: + description: Secret represents a secret that should populate + this file. + properties: + key: + description: Key is the key in the secret's data map + for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. + "root:root". + type: string + path: + description: Path specifies the full path on disk where to store + the file. + type: string + permissions: + description: Permissions specifies the permissions to assign + to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. 
+ properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. + properties: + additionalConfig: + description: "AdditionalConfig contains additional configuration + to be merged with the Ignition configuration generated by + the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging + \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + type: string + strict: + description: Strict controls if AdditionalConfig should be + strictly parsed. If so, warnings are treated as errors. + type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are + the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time + and describes a set of Bootstrap Tokens to create. This information + IS NOT uploaded to the kubeadm cluster configmap, partly because + of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored + as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why + this token exists and what it's used for, so other administrators + can know its purpose. + type: string + expires: + description: Expires specifies the timestamp when this token + expires. Defaults to being set dynamically at runtime + based on the TTL. Expires and TTL are mutually exclusive. 
+ format: date-time + type: string + groups: + description: Groups specifies the extra groups that this + token will authenticate as when/if used for authentication + items: + type: string + type: array + token: + description: Token is used for establishing bidirectional + trust between nodes and control-planes. Used for joining + nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. + Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token + can be used. Can by default be used for establishing bidirectional + trust, but that can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API + server instance that's deployed on this control plane node In + HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint + in the sense that ControlPlaneEndpoint is the global endpoint + for the cluster, which then loadbalances the requests to each + individual API server. This configuration object lets you customize + what IP/DNS name and port the local API server advertises it's + accessible on. By default, kubeadm tries to auto-detect the + IP of the default interface and use that, but in case that process + fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the + API server to advertise. 
+ type: string + bindPort: + description: BindPort sets the secure port for the API Server + to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering + the new control-plane node to the cluster. When used in the + context of control plane nodes, NodeRegistration should remain + consistent across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node API + object, for later re-use + type: string + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight + errors to be ignored when the current node is registered. + items: + type: string + type: array + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image + pulling during kubeadm "init" and "join" operations. The + value of this field must be one of "Always", "IfNotPresent" + or "Never". Defaults to "IfNotPresent". This can be used + only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments + to the kubelet. The arguments here are passed to the kubelet + command line via the environment file kubeadm writes at + runtime for the kubelet to source. This overrides the generic + base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are + local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node + API object that will be created in this `kubeadm init` or + `kubeadm join` operation. This field is also used in the + CommonName field of the kubelet's client certificate to + the API server. 
Defaults to the hostname of the node if + not provided. + type: string + taints: + description: 'Taints specifies the taints the Node API object + should be registered with. If this field is unset, i.e. + nil, in the `kubeadm init` process it will be defaulted + to []v1.Taint{''node-role.kubernetes.io/master=""''}. If + you don''t want to taint your control-plane node, set this + field to an empty slice, i.e. `taints: []` in the YAML file. + This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the + "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods + that do not tolerate the taint. Valid effects are + NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to + a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint + key. + type: string + required: + - effect + - key + type: object + type: array + type: object + patches: + description: Patches contains options related to applying patches + to components deployed by kubeadm during "kubeadm init". The + minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains + files named "target[suffix][+patchtype].extension". For + example, "kube-apiserver0+merge.yaml" or just "etcd.json". + "target" can be one of "kube-apiserver", "kube-controller-manager", + "kube-scheduler", "etcd". "patchtype" can be one of "strategic" + "merge" or "json" and they match the patch formats supported + by kubectl. The default "patchtype" is "strategic". "extension" + must be either "json" or "yaml". 
"suffix" is an optional + string that can be used to determine which patches are applied + first alpha-numerically. These files can be written into + the target directory via KubeadmConfig.Files which specifies + additional files to be created on the machine, either with + content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command + execution. The list of phases can be obtained with the "kubeadm + init --help" command. This option takes effect only on Kubernetes + >=1.22.0. + items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the + join command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority + used to secure comunications between node and control-plane. + Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when + there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane + instance to be deployed on the joining node. If nil, no additional + control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the + API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for + the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API + Server to bind to. Defaults to 6443. 
+ format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet + to use during the TLS Bootstrap process TODO: revisit when there + is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options for + bootstrap token based discovery BootstrapToken and File + are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name + to the API server from which info will be fetched. + type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key + pins to verify when token-based discovery is used. The + root CA found during discovery must match one of these + values. Specifying an empty set disables root CA pinning, + which can be unsafe. Each hash is specified as ":", + where the only currently supported type is "sha256". + This is a hex-encoded SHA-256 hash of the Subject Public + Key Info (SPKI) object in DER-encoded ASN.1. These hashes + can be calculated using, for example, OpenSSL: openssl + x509 -pubkey -in ca.crt openssl rsa -pubin -outform + der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster + information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based + discovery without CA verification via CACertHashes. + This can weaken the security of kubeadm since other + nodes can impersonate the control-plane. 
+ type: boolean + required: + - token + type: object + file: + description: File is used to specify a file or URL to a kubeconfig + file from which to load cluster information BootstrapToken + and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual + file path or URL to the kubeconfig file from which to + load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. + If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, + but can be overridden. If .File is set, this field **must + be set** in case the KubeConfigFile does not contain any + other authentication information + type: string + type: object + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + nodeRegistration: + description: NodeRegistration holds fields that relate to registering + the new control-plane node to the cluster. When used in the + context of control plane nodes, NodeRegistration should remain + consistent across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node API + object, for later re-use + type: string + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight + errors to be ignored when the current node is registered. 
+ items: + type: string + type: array + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image + pulling during kubeadm "init" and "join" operations. The + value of this field must be one of "Always", "IfNotPresent" + or "Never". Defaults to "IfNotPresent". This can be used + only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments + to the kubelet. The arguments here are passed to the kubelet + command line via the environment file kubeadm writes at + runtime for the kubelet to source. This overrides the generic + base-level configuration in the kubelet-config-1.X ConfigMap + Flags have higher priority when parsing. These values are + local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node + API object that will be created in this `kubeadm init` or + `kubeadm join` operation. This field is also used in the + CommonName field of the kubelet's client certificate to + the API server. Defaults to the hostname of the node if + not provided. + type: string + taints: + description: 'Taints specifies the taints the Node API object + should be registered with. If this field is unset, i.e. + nil, in the `kubeadm init` process it will be defaulted + to []v1.Taint{''node-role.kubernetes.io/master=""''}. If + you don''t want to taint your control-plane node, set this + field to an empty slice, i.e. `taints: []` in the YAML file. + This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the + "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods + that do not tolerate the taint. Valid effects are + NoSchedule, PreferNoSchedule and NoExecute. 
+ type: string + key: + description: Required. The taint key to be applied to + a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint + key. + type: string + required: + - effect + - key + type: object + type: array + type: object + patches: + description: Patches contains options related to applying patches + to components deployed by kubeadm during "kubeadm join". The + minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains + files named "target[suffix][+patchtype].extension". For + example, "kube-apiserver0+merge.yaml" or just "etcd.json". + "target" can be one of "kube-apiserver", "kube-controller-manager", + "kube-scheduler", "etcd". "patchtype" can be one of "strategic" + "merge" or "json" and they match the patch formats supported + by kubectl. The default "patchtype" is "strategic". "extension" + must be either "json" or "yaml". "suffix" is an optional + string that can be used to determine which patches are applied + first alpha-numerically. These files can be written into + the target directory via KubeadmConfig.Files which specifies + additional files to be created on the machine, either with + content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command + execution. The list of phases can be obtained with the "kubeadm + init --help" command. This option takes effect only on Kubernetes + >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. 
+ items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after + kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before + kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command + with a shell script with retries for joins. \n This is meant to + be an experimental temporary workaround on some environments where + joins fail due to timing (and other issues). The long term goal + is to add retries to kubeadm proper and use that functionality. + \n This will add about 40KB to userdata \n For more information, + refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. + \n Deprecated: This experimental fix is no longer needed and this + field will be removed in a future release. When removing also remove + from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. 
+ properties: + gecos: + description: Gecos specifies the gecos to use for the user + type: string + groups: + description: Groups specifies the additional groups for the + user + type: string + homeDir: + description: HomeDir specifies the home directory to use for + the user + type: string + inactive: + description: Inactive specifies whether to mark the user as + inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should + be disabled + type: boolean + name: + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user + type: string + passwdFrom: + description: PasswdFrom is a referenced source of passwd to + populate the passwd. + properties: + secret: + description: Secret represents a secret that should populate + this password. + properties: + key: + description: Key is the key in the secret's data map + for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + primaryGroup: + description: PrimaryGroup specifies the primary group for the + user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized + keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. + It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + conditions: + description: Conditions defines current service state of the KubeadmConfig. 
+ items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors + type: string + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. 
+ format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-kubeadm + cluster.x-k8s.io/v1alpha4: v1alpha4 + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: bootstrap.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: KubeadmConfigTemplate + listKind: KubeadmConfigTemplateList + plural: kubeadmconfigtemplates + singular: kubeadmconfigtemplate + scope: Namespaced + versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. + properties: + template: + description: KubeadmConfigTemplateResource defines the Template structure. + properties: + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. + Either ClusterConfiguration and InitConfiguration should be + defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration + are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the + API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative + Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to + pass to the control plane component. TODO: This + is temporary and ideally we would like to switch + all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host + that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout + that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store + or look for all required certificates. NB: if not provided, + this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address + or DNS name for the control plane; it can be a valid + IP address or a RFC-1123 DNS subdomain, both with optional + TCP port. In case the ControlPlaneEndpoint is not specified, + the AdvertiseAddress + BindPort are used; in case the + ControlPlaneEndpoint is specified but without a TCP + port, the BindPort is used. Possible usages are: e.g. + In a cluster with more than one control plane instances, + this field should be assigned the address of the external + load balancer in front of the control plane instances. + e.g. in environments with enforced node recycling, + the ControlPlaneEndpoint could be used for assigning + a stable DNS to the control plane. NB: This value defaults + to the first value in the Cluster object status.apiEndpoints + array.' 
+ type: string + controllerManager: + description: ControllerManager contains extra settings + for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to + pass to the control plane component. TODO: This + is temporary and ideally we would like to switch + all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host + that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on + installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry + to pull images from. if not set, the ImageRepository + defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for + the image. In case this value is set, kubeadm does + not change automatically the version of the above + components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. 
NB: This + value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to + an external etcd cluster Local and External are + mutually exclusive + properties: + caFile: + description: CAFile is an SSL Certificate Authority + file used to secure etcd communication. Required + if using a TLS connection. + type: string + certFile: + description: CertFile is an SSL certification + file used to secure etcd communication. Required + if using a TLS connection. + type: string + endpoints: + description: Endpoints of etcd members. Required + for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to + secure etcd communication. Required if using + a TLS connection. + type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: Local provides configuration knobs for + configuring the local etcd instance Local and External + are mutually exclusive + properties: + dataDir: + description: DataDir is the directory etcd will + place its data. Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided + to the etcd binary when run inside a static + pod. + type: object + imageRepository: + description: ImageRepository sets the container + registry to pull images from. if not set, the + ImageRepository defined in ClusterConfiguration + will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag + for the image. In case this value is set, kubeadm + does not change automatically the version of + the above components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. 
+ items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject + Alternative Names for the etcd server signing + cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry + to pull images from. If empty, `k8s.gcr.io` will be + used by default; in case of kubernetes version is a + CI build (kubernetes version starts with `ci/` or `ci-cross/`) + `gcr.io/k8s-staging-ci-images` will be used as a default + for control plane components and for kube-proxy, while + `k8s.gcr.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version + of the control plane. NB: This value defaults to the + Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking + topology of the cluster. NB: This value defaults to + the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s + services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. + If unset, the API server will not allocate CIDR + ranges for every node. Defaults to a comma-delimited + string of the Cluster object's spec.clusterNetwork.services.cidrBlocks + if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s + services. 
Defaults to a comma-delimited string of + the Cluster object's spec.clusterNetwork.pods.cidrBlocks, + or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the + scheduler control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to + pass to the control plane component. TODO: This + is temporary and ideally we would like to switch + all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host + volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host + that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the + pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod + template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access + to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should + be used for Kubernetes components instead of their respective + separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation + of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems + to setup. + items: + description: Filesystem defines the file systems to + be created. 
+ properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to + add to the command for creating the file system. + items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system + type. + type: string + label: + description: Label specifies the file system label + to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to + overwrite any existing filesystem. If true, any + pre-existing file system will be destroyed. Use + with Caution. + type: boolean + partition: + description: 'Partition specifies the partition + to use. The valid options are: "auto|any", "auto", + "any", "none", and , where NUM is the actual + partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, + used for Microsoft Azure that instructs cloud-init + to replace a file system of . NOTE: unless + you define a label, this requires the use of the + ''any'' partition directive.' + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions + to setup. + items: + description: Partition defines how to create and layout + a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: Layout specifies the device layout. + If it is true, a single partition will be created + for the entire device. When layout is false, it + means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip + checks and create the partition if a partition + or filesystem is found on the device. Use with + caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition + table. 
The following are supported: ''mbr'': default + and setups a MS-DOS partition table ''gpt'': setups + a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files + in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content + to populate the file. + properties: + secret: + description: Secret represents a secret that should + populate this file. + properties: + key: + description: Key is the key in the secret's + data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the + file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, + e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where + to store the file. + type: string + permissions: + description: Permissions specifies the permissions to + assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap + data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration + are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. 
Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm + init` time and describes a set of Bootstrap Tokens to + create. This information IS NOT uploaded to the kubeadm + cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap + token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message + why this token exists and what it's used for, + so other administrators can know its purpose. + type: string + expires: + description: Expires specifies the timestamp when + this token expires. Defaults to being set dynamically + at runtime based on the TTL. Expires and TTL are + mutually exclusive. + format: date-time + type: string + groups: + description: Groups specifies the extra groups that + this token will authenticate as when/if used for + authentication + items: + type: string + type: array + token: + description: Token is used for establishing bidirectional + trust between nodes and control-planes. Used for + joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this + token. Defaults to 24h. Expires and TTL are mutually + exclusive. + type: string + usages: + description: Usages describes the ways in which + this token can be used. Can by default be used + for establishing bidirectional trust, but that + can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint + of the API server instance that's deployed on this control + plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint + in the sense that ControlPlaneEndpoint is the global + endpoint for the cluster, which then loadbalances the + requests to each individual API server. This configuration + object lets you customize what IP/DNS name and port + the local API server advertises it's accessible on. + By default, kubeadm tries to auto-detect the IP of the + default interface and use that, but in case that process + fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the + API Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate + to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration + should remain consistent across both InitConfiguration + and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container + runtime info. This information will be annotated + to the Node API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra + arguments to the kubelet. The arguments here are + passed to the kubelet command line via the environment + file kubeadm writes at runtime for the kubelet to + source. 
This overrides the generic base-level configuration + in the kubelet-config-1.X ConfigMap Flags have higher + priority when parsing. These values are local and + specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of + the Node API object that will be created in this + `kubeadm init` or `kubeadm join` operation. This + field is also used in the CommonName field of the + kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: 'Taints specifies the taints the Node + API object should be registered with. If this field + is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. + If you don''t want to taint your control-plane node, + set this field to an empty slice, i.e. `taints: + {}` in the YAML file. This field is solely used + for Node registration.' + items: + description: The node this Taint is attached to + has the "effect" on any pod that does not tolerate + the Taint. + properties: + effect: + description: Required. The effect of the taint + on pods that do not tolerate the taint. Valid + effects are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: TimeAdded represents the time at + which the taint was added. It is only written + for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to + the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration + for the join command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema + of this representation of an object. 
Servers should + convert recognized schemas to the latest internal value, + and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate + authority used to secure comunications between node + and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control + plane instance to be deployed on the joining node. If + nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint + of the API server instance to be deployed on this + node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for + the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: 'Discovery specifies the options for the + kubelet to use during the TLS Bootstrap process TODO: + revisit when there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options + for bootstrap token based discovery BootstrapToken + and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain + name to the API server from which info will + be fetched. + type: string + caCertHashes: + description: 'CACertHashes specifies a set of + public key pins to verify when token-based discovery + is used. The root CA found during discovery + must match one of these values. Specifying an + empty set disables root CA pinning, which can + be unsafe. 
Each hash is specified as ":", + where the only currently supported type is "sha256". + This is a hex-encoded SHA-256 hash of the Subject + Public Key Info (SPKI) object in DER-encoded + ASN.1. These hashes can be calculated using, + for example, OpenSSL: openssl x509 -pubkey -in + ca.crt openssl rsa -pubin -outform der 2>&/dev/null + | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate + cluster information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based + discovery without CA verification via CACertHashes. + This can weaken the security of kubeadm since + other nodes can impersonate the control-plane. + type: boolean + required: + - token + - unsafeSkipCAVerification + type: object + file: + description: File is used to specify a file or URL + to a kubeconfig file from which to load cluster + information BootstrapToken and File are mutually + exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify + the actual file path or URL to the kubeconfig + file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: 'TLSBootstrapToken is a token used for + TLS bootstrapping. If .BootstrapToken is set, this + field is defaulted to .BootstrapToken.Token, but + can be overridden. If .File is set, this field **must + be set** in case the KubeConfigFile does not contain + any other authentication information TODO: revisit + when there is defaulting from k/k' + type: string + type: object + kind: + description: 'Kind is a string value representing the + REST resource this object represents. Servers may infer + this from the endpoint the client submits requests to. + Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + nodeRegistration: + description: NodeRegistration holds fields that relate + to registering the new control-plane node to the cluster. + When used in the context of control plane nodes, NodeRegistration + should remain consistent across both InitConfiguration + and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container + runtime info. This information will be annotated + to the Node API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra + arguments to the kubelet. The arguments here are + passed to the kubelet command line via the environment + file kubeadm writes at runtime for the kubelet to + source. This overrides the generic base-level configuration + in the kubelet-config-1.X ConfigMap Flags have higher + priority when parsing. These values are local and + specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of + the Node API object that will be created in this + `kubeadm init` or `kubeadm join` operation. This + field is also used in the CommonName field of the + kubelet's client certificate to the API server. + Defaults to the hostname of the node if not provided. + type: string + taints: + description: 'Taints specifies the taints the Node + API object should be registered with. If this field + is unset, i.e. nil, in the `kubeadm init` process + it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. + If you don''t want to taint your control-plane node, + set this field to an empty slice, i.e. `taints: + {}` in the YAML file. This field is solely used + for Node registration.' + items: + description: The node this Taint is attached to + has the "effect" on any pod that does not tolerate + the Taint. 
+ properties: + effect: + description: Required. The effect of the taint + on pods that do not tolerate the taint. Valid + effects are NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: TimeAdded represents the time at + which the taint was added. It is only written + for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to + the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be + setup. + items: + description: MountPoints defines input for generated mounts + in cloud-init. + items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands + to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to + run before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm + command with a shell script with retries for joins. \n This + is meant to be an experimental temporary workaround on some + environments where joins fail due to timing (and other issues). + The long term goal is to add retries to kubeadm proper and + use that functionality. \n This will add about 40KB to userdata + \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 
+ type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user + in cloud-init. + properties: + gecos: + description: Gecos specifies the gecos to use for the + user + type: string + groups: + description: Groups specifies the additional groups + for the user + type: string + homeDir: + description: HomeDir specifies the home directory to + use for the user + type: string + inactive: + description: Inactive specifies whether to mark the + user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login + should be disabled + type: boolean + name: + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for + the user + type: string + primaryGroup: + description: PrimaryGroup specifies the primary group + for the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh + authorized keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level + verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + type: object + required: + - template + type: object + type: object + served: false + storage: false - additionalPrinterColumns: - description: Time duration since creation of KubeadmConfigTemplate jsonPath: .metadata.creationTimestamp @@ -4520,7 +6488,7 @@ spec: - --bootstrap-token-ttl=15m command: - /manager - image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.0 + image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: 
diff --git a/infra/capi/cluster-capi/cluster-api-control-plane.yaml b/infra/capi/cluster-capi/cluster-api-control-plane.yaml index 8ea6fce..b7ea7a4 100644 --- a/infra/capi/cluster-capi/cluster-api-control-plane.yaml +++ b/infra/capi/cluster-capi/cluster-api-control-plane.yaml 
@@ -45,6 +45,1180 @@ spec: singular: kubeadmcontrolplane scope: Namespaced versions: + - additionalPrinterColumns: + - description: This denotes whether or not the control plane has the uploaded + kubeadm-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: KubeadmControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: API Server Available + type: boolean + - description: Kubernetes version associated with this control plane + jsonPath: .spec.version + name: Version + type: string + - description: Total number of non-terminated machines targeted by this control + plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this control + plane that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. 
In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + infrastructureTemplate: + description: InfrastructureTemplate is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing + and joining machines to the control plane. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration + are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API + server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names + for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass + to the control plane component. TODO: This is temporary + and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that + will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout + that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or + look for all required certificates. NB: if not provided, + this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address + or DNS name for the control plane; it can be a valid IP + address or a RFC-1123 DNS subdomain, both with optional + TCP port. In case the ControlPlaneEndpoint is not specified, + the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint + is specified but without a TCP port, the BindPort is used. + Possible usages are: e.g. In a cluster with more than one + control plane instances, this field should be assigned the + address of the external load balancer in front of the control + plane instances. e.g. in environments with enforced node + recycling, the ControlPlaneEndpoint could be used for assigning + a stable DNS to the control plane. NB: This value defaults + to the first value in the Cluster object status.apiEndpoints + array.' 
+ type: string + controllerManager: + description: ControllerManager contains extra settings for + the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass + to the control plane component. TODO: This is temporary + and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that + will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed + in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry + to pull images from. if not set, the ImageRepository + defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the + image. In case this value is set, kubeadm does not change + automatically the version of the above components during + upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. 
NB: This + value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external + etcd cluster Local and External are mutually exclusive + properties: + caFile: + description: CAFile is an SSL Certificate Authority + file used to secure etcd communication. Required + if using a TLS connection. + type: string + certFile: + description: CertFile is an SSL certification file + used to secure etcd communication. Required if using + a TLS connection. + type: string + endpoints: + description: Endpoints of etcd members. Required for + ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure + etcd communication. Required if using a TLS connection. + type: string + required: + - caFile + - certFile + - endpoints + - keyFile + type: object + local: + description: Local provides configuration knobs for configuring + the local etcd instance Local and External are mutually + exclusive + properties: + dataDir: + description: DataDir is the directory etcd will place + its data. Defaults to "/var/lib/etcd". + type: string + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided + to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry + to pull images from. if not set, the ImageRepository + defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for + the image. In case this value is set, kubeadm does + not change automatically the version of the above + components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative + Names for the etcd peer signing cert. 
+ items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative + Names for the etcd server signing cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to + pull images from. If empty, `k8s.gcr.io` will be used by + default; in case of kubernetes version is a CI build (kubernetes + version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` + will be used as a default for control plane components and + for kube-proxy, while `k8s.gcr.io` will be used for all + the other images. + type: string + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the + control plane. NB: This value defaults to the Machine object + spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking + topology of the cluster. NB: This value defaults to the + Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. + Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If + unset, the API server will not allocate CIDR ranges + for every node. Defaults to a comma-delimited string + of the Cluster object's spec.clusterNetwork.services.cidrBlocks + if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. 
+ Defaults to a comma-delimited string of the Cluster + object's spec.clusterNetwork.pods.cidrBlocks, or to + "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler + control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass + to the control plane component. TODO: This is temporary + and ideally we would like to switch all components to + use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, + mounted to the control plane component. + items: + description: HostPathMount contains elements describing + volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that + will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod + where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the + volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should + be used for Kubernetes components instead of their respective + separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition + tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems + to setup. + items: + description: Filesystem defines the file systems to be created. 
+ properties: + device: + description: Device specifies the device name + type: string + extraOpts: + description: ExtraOpts defined extra options to add + to the command for creating the file system. + items: + type: string + type: array + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to + be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite + any existing filesystem. If true, any pre-existing + file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. + The valid options are: "auto|any", "auto", "any", + "none", and , where NUM is the actual partition + number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used + for Microsoft Azure that instructs cloud-init to replace + a file system of . NOTE: unless you define + a label, this requires the use of the ''any'' partition + directive.' + type: string + required: + - device + - filesystem + - label + type: object + type: array + partitions: + description: Partitions specifies the list of the partitions + to setup. + items: + description: Partition defines how to create and layout + a partition. + properties: + device: + description: Device is the name of the device. + type: string + layout: + description: Layout specifies the device layout. If + it is true, a single partition will be created for + the entire device. When layout is false, it means + don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks + and create the partition if a partition or filesystem + is found on the device. Use with caution. Default + is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition + table. 
The following are supported: ''mbr'': default + and setups a MS-DOS partition table ''gpt'': setups + a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data + upon creation. + items: + description: File defines the input for generating write_files + in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content + to populate the file. + properties: + secret: + description: Secret represents a secret that should + populate this file. + properties: + key: + description: Key is the key in the secret's data + map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's + namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file + contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, + e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where + to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign + to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap + data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration + are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. 
Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` + time and describes a set of Bootstrap Tokens to create. + This information IS NOT uploaded to the kubeadm cluster + configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, + stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message + why this token exists and what it's used for, so other + administrators can know its purpose. + type: string + expires: + description: Expires specifies the timestamp when this + token expires. Defaults to being set dynamically at + runtime based on the TTL. Expires and TTL are mutually + exclusive. + format: date-time + type: string + groups: + description: Groups specifies the extra groups that + this token will authenticate as when/if used for authentication + items: + type: string + type: array + token: + description: Token is used for establishing bidirectional + trust between nodes and control-planes. Used for joining + nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. + Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this + token can be used. Can by default be used for establishing + bidirectional trust, but that can be changed here. + items: + type: string + type: array + required: + - token + type: object + type: array + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the + API server instance that's deployed on this control plane + node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint + in the sense that ControlPlaneEndpoint is the global endpoint + for the cluster, which then loadbalances the requests to + each individual API server. This configuration object lets + you customize what IP/DNS name and port the local API server + advertises it's accessible on. By default, kubeadm tries + to auto-detect the IP of the default interface and use that, + but in case that process fails you may set the desired value + here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for + the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API + Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to + registering the new control-plane node to the cluster. When + used in the context of control plane nodes, NodeRegistration + should remain consistent across both InitConfiguration and + JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node + API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments + to the kubelet. The arguments here are passed to the + kubelet command line via the environment file kubeadm + writes at runtime for the kubelet to source. 
This overrides + the generic base-level configuration in the kubelet-config-1.X + ConfigMap Flags have higher priority when parsing. These + values are local and specific to the node kubeadm is + executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the + Node API object that will be created in this `kubeadm + init` or `kubeadm join` operation. This field is also + used in the CommonName field of the kubelet's client + certificate to the API server. Defaults to the hostname + of the node if not provided. + type: string + taints: + description: 'Taints specifies the taints the Node API + object should be registered with. If this field is unset, + i.e. nil, in the `kubeadm init` process it will be defaulted + to []v1.Taint{''node-role.kubernetes.io/master=""''}. + If you don''t want to taint your control-plane node, + set this field to an empty slice, i.e. `taints: {}` + in the YAML file. This field is solely used for Node + registration.' + items: + description: The node this Taint is attached to has + the "effect" on any pod that does not tolerate the + Taint. + properties: + effect: + description: Required. The effect of the taint on + pods that do not tolerate the taint. Valid effects + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the + taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for + the join command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. 
Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate + authority used to secure comunications between node and + control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". + TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane + instance to be deployed on the joining node. If nil, no + additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint + of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address + for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the + API Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet + to use during the TLS Bootstrap process TODO: revisit when + there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options + for bootstrap token based discovery BootstrapToken and + File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain + name to the API server from which info will be fetched. + type: string + caCertHashes: + description: 'CACertHashes specifies a set of public + key pins to verify when token-based discovery is + used. The root CA found during discovery must match + one of these values. Specifying an empty set disables + root CA pinning, which can be unsafe. 
Each hash + is specified as ":", where the only + currently supported type is "sha256". This is a + hex-encoded SHA-256 hash of the Subject Public Key + Info (SPKI) object in DER-encoded ASN.1. These hashes + can be calculated using, for example, OpenSSL: openssl + x509 -pubkey -in ca.crt openssl rsa -pubin -outform + der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster + information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based + discovery without CA verification via CACertHashes. + This can weaken the security of kubeadm since other + nodes can impersonate the control-plane. + type: boolean + required: + - token + - unsafeSkipCAVerification + type: object + file: + description: File is used to specify a file or URL to + a kubeconfig file from which to load cluster information + BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the + actual file path or URL to the kubeconfig file from + which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: 'TLSBootstrapToken is a token used for TLS + bootstrapping. If .BootstrapToken is set, this field + is defaulted to .BootstrapToken.Token, but can be overridden. + If .File is set, this field **must be set** in case + the KubeConfigFile does not contain any other authentication + information TODO: revisit when there is defaulting from + k/k' + type: string + type: object + kind: + description: 'Kind is a string value representing the REST + resource this object represents. Servers may infer this + from the endpoint the client submits requests to. Cannot + be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + nodeRegistration: + description: NodeRegistration holds fields that relate to + registering the new control-plane node to the cluster. When + used in the context of control plane nodes, NodeRegistration + should remain consistent across both InitConfiguration and + JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime + info. This information will be annotated to the Node + API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments + to the kubelet. The arguments here are passed to the + kubelet command line via the environment file kubeadm + writes at runtime for the kubelet to source. This overrides + the generic base-level configuration in the kubelet-config-1.X + ConfigMap Flags have higher priority when parsing. These + values are local and specific to the node kubeadm is + executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the + Node API object that will be created in this `kubeadm + init` or `kubeadm join` operation. This field is also + used in the CommonName field of the kubelet's client + certificate to the API server. Defaults to the hostname + of the node if not provided. + type: string + taints: + description: 'Taints specifies the taints the Node API + object should be registered with. If this field is unset, + i.e. nil, in the `kubeadm init` process it will be defaulted + to []v1.Taint{''node-role.kubernetes.io/master=""''}. + If you don''t want to taint your control-plane node, + set this field to an empty slice, i.e. `taints: {}` + in the YAML file. This field is solely used for Node + registration.' + items: + description: The node this Taint is attached to has + the "effect" on any pod that does not tolerate the + Taint. 
+ properties: + effect: + description: Required. The effect of the taint on + pods that do not tolerate the taint. Valid effects + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied + to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which + the taint was added. It is only written for NoExecute + taints. + format: date-time + type: string + value: + description: The taint value corresponding to the + taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts + in cloud-init. + items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run + after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run + before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm + command with a shell script with retries for joins. \n This + is meant to be an experimental temporary workaround on some + environments where joins fail due to timing (and other issues). + The long term goal is to add retries to kubeadm proper and use + that functionality. \n This will add about 40KB to userdata + \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 
+ type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in + cloud-init. + properties: + gecos: + description: Gecos specifies the gecos to use for the user + type: string + groups: + description: Groups specifies the additional groups for + the user + type: string + homeDir: + description: HomeDir specifies the home directory to use + for the user + type: string + inactive: + description: Inactive specifies whether to mark the user + as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should + be disabled + type: boolean + name: + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the + user + type: string + primaryGroup: + description: PrimaryGroup specifies the primary group for + the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized + keys for the user + items: + type: string + type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name + type: object + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level + verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the + controller will spend on draining a controlplane node The default + value is 0, meaning that the node can be drained without any time + limitations. NOTE: NodeDrainTimeout is different from `kubectl drain + --timeout`' + type: string + replicas: + description: Number of desired machines. Defaults to 1. 
When stacked + etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutStrategy: + description: The RolloutStrategy to use to replace control plane machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType + = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can + be scheduled above or under the desired number of control + planes. Value can be an absolute number 1 or 0. Defaults + to 1. Example: when this is set to 1, the control plane + can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of rollout. Currently the only supported strategy + is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + upgradeAfter: + description: UpgradeAfter is a field to indicate an upgrade should + be performed after the specified time even if no changes have been + made to the KubeadmControlPlane + format: date-time + type: string + version: + description: Version defines the desired Kubernetes version. + type: string + required: + - infrastructureTemplate + - kubeadmConfigSpec + - version + type: object + status: + description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. + properties: + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. 
+ If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: ErrorMessage indicates that there is a terminal problem + reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a terminal problem + reconciling the state, and will be set to a token value suitable + for programmatic interpretation. + type: string + initialized: + description: Initialized denotes whether or not the control plane + has the uploaded kubeadm-config configmap. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready denotes that the KubeadmControlPlane API Server + is ready to receive requests. 
+ type: boolean + readyReplicas: + description: Total number of fully running and ready control plane + machines. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + control plane (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the label selector in string format to avoid + introspection by clients, and is used to provide the CRD-based integration + for the scale subresource and additional integrations for things + like kubectl describe.. The string will be in the same format as + the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + control plane. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet ready or machines + that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + control plane that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} - additionalPrinterColumns: - description: Time duration since creation of KubeadmControlPlane jsonPath: .metadata.creationTimestamp @@ -5519,7 +6693,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.0 + image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: 
diff --git a/infra/capi/cluster-capi/cluster-api-core.yaml b/infra/capi/cluster-capi/cluster-api-core.yaml index 0d52752..76d6a15 100644 --- a/infra/capi/cluster-capi/cluster-api-core.yaml +++ b/infra/capi/cluster-capi/cluster-api-core.yaml 
@@ -1980,6 +1980,91 @@ spec: singular: clusterresourcesetbinding scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "ClusterResourceSetBinding lists all matching ClusterResourceSets + with the cluster it belongs to. \n Deprecated: This type will be removed + in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of + ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources + in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet + that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet + has. + items: + description: ResourceBinding shows the status of a resource + that belongs to a ClusterResourceSet matched by the owner + cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied + to the cluster or not. 
+ type: boolean + hash: + description: Hash is the hash of a resource's data. This + can be used to decide if a resource is changed. For + "ApplyOnce" ClusterResourceSet.spec.strategy, this is + no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: + Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource + was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same + namespace with ClusterResourceSet object. + minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName + type: object + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of ClusterResourceSetBinding jsonPath: .metadata.creationTimestamp 
@@ -2203,6 +2288,165 @@ spec: singular: clusterresourceset scope: Namespaced versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "ClusterResourceSet is the Schema for the clusterresourcesets + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected + by this will be the ones affected by this ClusterResourceSet. It + must match the Cluster labels. This field is immutable. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. 
If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each + contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. + properties: + kind: + description: 'Kind of the resource. Supported kinds are: Secrets + and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace + with ClusterResourceSet object. + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. + Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. 
+ If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Time duration since creation of ClusterResourceSet jsonPath: .metadata.creationTimestamp 
@@ -2578,20 +2822,15 @@ spec: scope: Namespaced versions: - additionalPrinterColumns: - - description: Time duration since creation of Cluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed jsonPath: .status.phase name: Phase type: string deprecated: true - name: v1alpha4 + name: v1alpha3 schema: openAPIV3Schema: - description: "Cluster is the Schema for the clusters API. \n Deprecated: This - type will be removed in one of the next releases." + description: Cluster is the Schema for the clusters API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -2737,135 +2976,6 @@ spec: description: Paused can be used to prevent controllers from processing the Cluster and all its associated objects. type: boolean - topology: - description: 'This encapsulates the topology for the cluster. NOTE: - It is required to enable the ClusterTopology feature gate flag to - activate managed topologies support; this feature is highly experimental, - and parts of it might still be not implemented.' - properties: - class: - description: The name of the ClusterClass object to create the - topology. - type: string - controlPlane: - description: ControlPlane describes the cluster control plane. - properties: - metadata: - description: "Metadata is the metadata applied to the machines - of the ControlPlane. At runtime this metadata is merged - with the corresponding metadata from the ClusterClass. \n - This field is supported if and only if the control plane - provider template referenced in the ClusterClass is Machine - based." - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - replicas: - description: Replicas is the number of control plane nodes. - If the value is nil, the ControlPlane object is created - without the number of Replicas and it's assumed that the - control plane controller does not implement support for - this field. 
When specified against a control plane provider - that lacks support for this field, this value will be ignored. - format: int32 - type: integer - type: object - rolloutAfter: - description: RolloutAfter performs a rollout of the entire cluster - one component at a time, control plane first and then machine - deployments. - format: date-time - type: string - version: - description: The Kubernetes version of the cluster. - type: string - workers: - description: Workers encapsulates the different constructs that - form the worker nodes for the cluster. - properties: - machineDeployments: - description: MachineDeployments is a list of machine deployments - in the cluster. - items: - description: MachineDeploymentTopology specifies the different - parameters for a set of worker nodes in the topology. - This set of nodes is managed by a MachineDeployment object - whose lifecycle is managed by the Cluster controller. - properties: - class: - description: Class is the name of the MachineDeploymentClass - used to create the set of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. - type: string - metadata: - description: Metadata is the metadata applied to the - machines of the MachineDeployment. At runtime this - metadata is merged with the corresponding metadata - from the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. 
May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - name: - description: Name is the unique identifier for this - MachineDeploymentTopology. The value is used with - other unique identifiers to create a MachineDeployment's - Name (e.g. cluster's name, etc). In case the name - is greater than the allowed maximum length, the values - are hashed together. - type: string - replicas: - description: Replicas is the number of worker nodes - belonging to this set. If the value is nil, the MachineDeployment - is created without the number of Replicas (defaulting - to zero) and it's assumed that an external entity - (like cluster autoscaler) is responsible for the management - of this value. - format: int32 - type: integer - required: - - class - - name - type: object - type: array - type: object - required: - - class - - version - type: object type: object status: description: ClusterStatus defines the observed state of Cluster. @@ -2914,6 +3024,10 @@ spec: - type type: object type: array + controlPlaneInitialized: + description: ControlPlaneInitialized defines if the control plane + has been initialized. + type: boolean controlPlaneReady: description: ControlPlaneReady defines if the control plane is ready. type: boolean 
@@ -2966,27 +3080,20 @@ spec: subresources: status: {} - additionalPrinterColumns: - - description: ClusterClass of this Cluster, empty if the Cluster is not using - a ClusterClass - jsonPath: .spec.topology.class - name: ClusterClass - type: string - - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed - jsonPath: .status.phase - name: Phase - type: string - description: Time duration since creation of Cluster jsonPath: .metadata.creationTimestamp name: Age type: date - - description: Kubernetes version associated with this Cluster - jsonPath: .spec.topology.version - name: Version + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase type: string - name: v1beta1 + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: Cluster is the Schema for the clusters API. + description: "Cluster is the Schema for the clusters API. \n Deprecated: This + type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -3145,135 +3252,22 @@ spec: controlPlane: description: ControlPlane describes the cluster control plane. properties: - machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration in the - ClusterClass for this control plane. + metadata: + description: "Metadata is the metadata applied to the machines + of the ControlPlane. At runtime this metadata is merged + with the corresponding metadata from the ClusterClass. \n + This field is supported if and only if the control plane + provider template referenced in the ClusterClass is Machine + based." properties: - enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n If false: - No MachineHealthCheck will be created. \n If not set(default): - A MachineHealthCheck will be created if it is defined - here or in the associated ClusterClass. If no MachineHealthCheck - is defined then none will be created. \n If true: A - MachineHealthCheck is guaranteed to be created. Cluster - validation will block if `enable` is true and no MachineHealthCheck - definition is available." - type: boolean - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if - at most "MaxUnhealthy" machines selected by "selector" - are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will be - remediated. If you wish to disable this feature, set - the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a - remediation template provided by an infrastructure provider. 
- \n This field is completely optional, when filled, the - MachineHealthCheck controller creates a new object from - the template referenced and hands off remediation of - the machine to a controller that lives outside of Cluster - API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the - conditions that determine whether a node is considered - unhealthy. The conditions are combined in a logical - OR, i.e. if any of the conditions is met, the node is - unhealthy. - items: - description: UnhealthyCondition represents a Node condition - type and value with a timeout specified as a duration. When - the named condition has been in the given status for - at least the timeout value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - type: array - unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" as - not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This - means that remediation will be allowed only when: (a) - there are at least 3 unhealthy machines (and) (b) there - are at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object - metadata: - description: Metadata is the metadata applied to the ControlPlane - and the Machines of the ControlPlane if the ControlPlaneTemplate - referenced by the ClusterClass is machine based. If not, - it is applied only to the ControlPlane. At runtime this - metadata is merged with the corresponding metadata from - the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' type: object labels: additionalProperties: @@ -3284,25 +3278,6 @@ spec: More info: http://kubernetes.io/docs/user-guide/labels' type: object type: object - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. - type: string replicas: description: Replicas is the number of control plane nodes. If the value is nil, the ControlPlane object is created 
@@ -3314,47 +3289,11 @@ spec: type: integer type: object rolloutAfter: - description: "RolloutAfter performs a rollout of the entire cluster + description: RolloutAfter performs a rollout of the entire cluster one component at a time, control plane first and then machine - deployments. \n Deprecated: This field has no function and is - going to be removed in the next apiVersion." + deployments. format: date-time type: string - variables: - description: Variables can be used to customize the Cluster through - patches. They must comply to the corresponding VariableClasses - defined in the ClusterClass. - items: - description: ClusterVariable can be used to customize the Cluster - through patches. Each ClusterVariable is associated with a - Variable definition in the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where the definition - of this Variable is from. DefinitionFrom is `inline` when - the definition is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass `.spec.patches` - where the patch is external and provides external variables. - This field is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' - type: string - name: - description: Name of the variable. - type: string - value: - description: 'Value of the variable. Note: the value will - be validated against the schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to use apiextensionsv1.JSON - instead of a custom JSON type, because controller-tools - has a hard-coded schema for apiextensionsv1.JSON which - cannot be produced by another type via controller-tools, - i.e. it is not possible to have no type field. 
Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array version: description: The Kubernetes version of the cluster. type: string 
@@ -3378,138 +3317,11 @@ spec: ClusterClass object mentioned in the `Cluster.Spec.Class` field. type: string - failureDomain: - description: FailureDomain is the failure domain the - machines will be created in. Must match a key in the - FailureDomains map stored on the cluster object. - type: string - machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration - in the ClusterClass for this MachineDeployment. - properties: - enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n - If false: No MachineHealthCheck will be created. - \n If not set(default): A MachineHealthCheck will - be created if it is defined here or in the associated - ClusterClass. If no MachineHealthCheck is defined - then none will be created. \n If true: A MachineHealthCheck - is guaranteed to be created. Cluster validation - will block if `enable` is true and no MachineHealthCheck - definition is available." - type: boolean - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed - if at most "MaxUnhealthy" machines selected by - "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will - be remediated. If you wish to disable this feature, - set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference - to a remediation template provided by an infrastructure - provider. \n This field is completely optional, - when filled, the MachineHealthCheck controller - creates a new object from the template referenced - and hands off remediation of the machine to a - controller that lives outside of Cluster API." - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list - of the conditions that determine whether a node - is considered unhealthy. The conditions are combined - in a logical OR, i.e. if any of the conditions - is met, the node is unhealthy. 
- items: - description: UnhealthyCondition represents a Node - condition type and value with a timeout specified - as a duration. When the named condition has - been in the given status for at least the timeout - value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - type: array - unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" - as not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. "[3-5]" - - This means that remediation will be allowed - only when: (a) there are at least 3 unhealthy - machines (and) (b) there are at most 5 unhealthy - machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object metadata: description: Metadata is the metadata applied to the - MachineDeployment and the machines of the MachineDeployment. - At runtime this metadata is merged with the corresponding - metadata from the ClusterClass. + machines of the MachineDeployment. At runtime this + metadata is merged with the corresponding metadata + from the ClusterClass. properties: annotations: additionalProperties: @@ -3529,12 +3341,6 @@ spec: controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object type: object - minReadySeconds: - description: Minimum number of seconds for which a newly - created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) - format: int32 - type: integer name: description: Name is the unique identifier for this MachineDeploymentTopology. The value is used with 
@@ -3543,296 +3349,15 @@ spec: is greater than the allowed maximum length, the values are hashed together. type: string - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - Machine hosts after the Machine is marked for deletion. - A duration of 0 will retry deletion indefinitely. - Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. The default value - is 0, meaning that the volumes can be detached without - any time limitations. - type: string replicas: description: Replicas is the number of worker nodes belonging to this set. If the value is nil, the MachineDeployment is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management + to zero) and it's assumed that an external entity + (like cluster autoscaler) is responsible for the management of this value. format: int32 type: integer - strategy: - description: The deployment strategy to use to replace - existing machines with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present - only if MachineDeploymentStrategyType = RollingUpdate. - properties: - deletePolicy: - description: DeletePolicy defines the policy - used by the MachineDeployment to identify - nodes to delete when downscaling. 
Valid values - are "Random, "Newest", "Oldest" When no value - is supplied, the default DeletePolicy of MachineSet - is used - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines - that can be scheduled above the desired number - of machines. Value can be an absolute number - (ex: 5) or a percentage of desired machines - (ex: 10%). This can not be 0 if MaxUnavailable - is 0. Absolute number is calculated from percentage - by rounding up. Defaults to 1. Example: when - this is set to 30%, the new MachineSet can - be scaled up immediately when the rolling - update starts, such that the total number - of old and new machines do not exceed 130% - of desired machines. Once old machines have - been killed, new MachineSet can be scaled - up further, ensuring that total number of - machines running at any time during the update - is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines - that can be unavailable during the update. - Value can be an absolute number (ex: 5) or - a percentage of desired machines (ex: 10%). - Absolute number is calculated from percentage - by rounding down. This can not be 0 if MaxSurge - is 0. Defaults to 0. Example: when this is - set to 30%, the old MachineSet can be scaled - down to 70% of desired machines immediately - when the rolling update starts. Once new machines - are ready, old MachineSet can be scaled down - further, followed by scaling up the new MachineSet, - ensuring that the total number of machines - available at all times during the update is - at least 70% of desired machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Allowed values - are RollingUpdate and OnDelete. The default is - RollingUpdate. 
- enum: - - RollingUpdate - - OnDelete - type: string - type: object - variables: - description: Variables can be used to customize the - MachineDeployment through patches. - properties: - overrides: - description: Overrides can be used to override Cluster - level variables. - items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. - DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' - type: string - name: - description: Name of the variable. - type: string - value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array - type: object - required: - - class - - name - type: object - type: array - machinePools: - description: MachinePools is a list of machine pools in the - cluster. - items: - description: MachinePoolTopology specifies the different - parameters for a pool of worker nodes in the topology. 
- This pool of nodes is managed by a MachinePool object - whose lifecycle is managed by the Cluster controller. - properties: - class: - description: Class is the name of the MachinePoolClass - used to create the pool of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. - type: string - failureDomains: - description: FailureDomains is the list of failure domains - the machine pool will be created in. Must match a - key in the FailureDomains map stored on the cluster - object. - items: - type: string - type: array - metadata: - description: Metadata is the metadata applied to the - MachinePool. At runtime this metadata is merged with - the corresponding metadata from the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - minReadySeconds: - description: Minimum number of seconds for which a newly - created machine pool should be ready. Defaults to - 0 (machine will be considered available as soon as - it is ready) - format: int32 - type: integer - name: - description: Name is the unique identifier for this - MachinePoolTopology. The value is used with other - unique identifiers to create a MachinePool's Name - (e.g. cluster's name, etc). 
In case the name is greater - than the allowed maximum length, the values are hashed - together. - type: string - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - MachinePool hosts after the MachinePool is marked - for deletion. A duration of 0 will retry deletion - indefinitely. Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. The default value - is 0, meaning that the volumes can be detached without - any time limitations. - type: string - replicas: - description: Replicas is the number of nodes belonging - to this pool. If the value is nil, the MachinePool - is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management - of this value. - format: int32 - type: integer - variables: - description: Variables can be used to customize the - MachinePool through patches. - properties: - overrides: - description: Overrides can be used to override Cluster - level variables. - items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. 
- DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' - type: string - name: - description: Name of the variable. - type: string - value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array - type: object required: - class - name @@ -3887,7 +3412,6 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object 
@@ -3939,49 +3463,32 @@ spec: type: string type: object type: object - served: true - storage: true + served: false + storage: false subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: extensionconfigs.runtime.cluster.x-k8s.io -spec: - group: runtime.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: ExtensionConfig - listKind: ExtensionConfigList - plural: extensionconfigs - shortNames: - - ext - singular: extensionconfig - scope: Cluster - versions: - additionalPrinterColumns: - - description: Time duration since creation of ExtensionConfig + - description: ClusterClass of this Cluster, empty if the Cluster is not using + a ClusterClass + jsonPath: .spec.topology.class + name: ClusterClass + type: string + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of Cluster jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1alpha1 + - description: Kubernetes version associated with this Cluster + jsonPath: .spec.topology.version + name: Version + type: string + name: v1beta1 schema: openAPIV3Schema: - description: ExtensionConfig is the Schema for the ExtensionConfig API. + description: Cluster is the Schema for the clusters API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -3996,379 +3503,3511 @@ spec: metadata: type: object spec: - description: ExtensionConfigSpec is the desired state of the ExtensionConfig + description: ClusterSpec defines the desired state of Cluster. properties: - clientConfig: - description: ClientConfig defines how to communicate with the Extension - server. + clusterNetwork: + description: Cluster network configuration. properties: - caBundle: - description: CABundle is a PEM encoded CA bundle which will be - used to validate the Extension server's server certificate. - format: byte + apiServerPort: + description: APIServerPort specifies the port the API Server should + bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. type: string - service: - description: "Service is a reference to the Kubernetes service - for the Extension server. Note: Exactly one of `url` or `service` - must be specified. \n If the Extension server is running within - a cluster, then you should use `service`." + services: + description: The network ranges from which service VIPs are allocated. properties: - name: - description: Name is the name of the service. - type: string - namespace: - description: Namespace is the namespace of the service. - type: string - path: - description: Path is an optional URL path and if present may - be any string permissible in a URL. If a path is set it - will be used as prefix to the hook-specific path. - type: string - port: - description: Port is the port on the service that's hosting - the Extension server. Defaults to 443. Port should be a - valid port number (1-65535, inclusive). 
- format: int32 - type: integer + cidrBlocks: + items: + type: string + type: array required: - - name - - namespace + - cidrBlocks type: object - url: - description: "URL gives the location of the Extension server, - in standard URL form (`scheme://host:port/path`). Note: Exactly - one of `url` or `service` must be specified. \n The scheme must - be \"https\". \n The `host` should not refer to a service running - in the cluster; use the `service` field instead. \n A path is - optional, and if present may be any string permissible in a - URL. If a path is set it will be used as prefix to the hook-specific - path. \n Attempting to use a user or basic auth e.g. \"user:password@\" - is not allowed. Fragments (\"#...\") and query parameters (\"?...\") - are not allowed either." + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port type: object - namespaceSelector: - description: NamespaceSelector decides whether to call the hook for - an object based on whether the namespace for that object matches - the selector. Defaults to the empty LabelSelector, which matches - all objects. + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific + resource that holds the details for provisioning the Control Plane + for a Cluster. properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. 
- type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object x-kubernetes-map-type: atomic - settings: - additionalProperties: - type: string - description: 'Settings defines key value pairs to be passed to all - calls to all supported RuntimeExtensions. Note: Settings can be - overridden on the ClusterClass.' - type: object - required: - - clientConfig - type: object - status: - description: ExtensionConfigStatus is the current state of the ExtensionConfig - properties: - conditions: - description: Conditions define the current service state of the ExtensionConfig. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. 
- type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - handlers: - description: Handlers defines the current ExtensionHandlers supported - by an Extension. - items: - description: ExtensionHandler specifies the details of a handler - for a particular runtime hook registered by an Extension server. - properties: - failurePolicy: - description: FailurePolicy defines how failures in calls to - the ExtensionHandler should be handled by a client. Defaults - to Fail if not set. - type: string - name: - description: Name is the unique name of the ExtensionHandler. - type: string - requestHook: - description: RequestHook defines the versioned runtime hook - which this ExtensionHandler serves. - properties: - apiVersion: - description: APIVersion is the group and version of the - Hook. - type: string - hook: - description: Hook is the name of the hook. - type: string - required: - - apiVersion - - hook - type: object - timeoutSeconds: - description: TimeoutSeconds defines the timeout duration for - client calls to the ExtensionHandler. Defaults to 10 is not - set. 
- format: int32 - type: integer - required: - - name - - requestHook - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: ipaddressclaims.ipam.cluster.x-k8s.io -spec: - group: ipam.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: IPAddressClaim - listKind: IPAddressClaimList - plural: ipaddressclaims - singular: ipaddressclaim - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Name of the pool to allocate an address from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool to allocate an address from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdressClaim - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPAddressClaim is the Schema for the ipaddressclaim API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressClaimSpec is the desired state of an IPAddressClaim. - properties: - poolRef: - description: PoolRef is a reference to the pool from which an IP address - should be created. + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific + resource that holds the details for provisioning infrastructure + for a cluster in said provider. properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' type: string kind: - description: Kind is the type of resource being referenced + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: Name is the name of resource being referenced + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - kind - - name type: object x-kubernetes-map-type: atomic - required: - - poolRef - type: object - status: - description: IPAddressClaimStatus is the observed status of a IPAddressClaim. - properties: - addressRef: - description: AddressRef is a reference to the address that was created - for this claim. + paused: + description: Paused can be used to prevent controllers from processing + the Cluster and all its associated objects. + type: boolean + topology: + description: 'This encapsulates the topology for the cluster. NOTE: + It is required to enable the ClusterTopology feature gate flag to + activate managed topologies support; this feature is highly experimental, + and parts of it might still be not implemented.' properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + class: + description: The name of the ClusterClass object to create the + topology. type: string - type: object - x-kubernetes-map-type: atomic - conditions: - description: Conditions summarises the current state of the IPAddressClaim - items: - description: Condition defines an observation of a Cluster API resource - operational state. 
- properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Name of the pool to allocate an address from - jsonPath: .spec.poolRef.name + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable + and override the MachineHealthCheck configuration in the + ClusterClass for this control plane. 
+ properties: + enable: + description: "Enable controls if a MachineHealthCheck + should be created for the target machines. \n If false: + No MachineHealthCheck will be created. \n If not set(default): + A MachineHealthCheck will be created if it is defined + here or in the associated ClusterClass. If no MachineHealthCheck + is defined then none will be created. \n If true: A + MachineHealthCheck is guaranteed to be created. Cluster + validation will block if `enable` is true and no MachineHealthCheck + definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if + at most "MaxUnhealthy" machines selected by "selector" + are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without + a node will be considered to have failed and will be + remediated. If you wish to disable this feature, set + the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a + remediation template provided by an infrastructure provider. + \n This field is completely optional, when filled, the + MachineHealthCheck controller creates a new object from + the template referenced and hands off remediation of + the machine to a controller that lives outside of Cluster + API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. 
For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the + conditions that determine whether a node is considered + unhealthy. The conditions are combined in a logical + OR, i.e. if any of the conditions is met, the node is + unhealthy. + items: + description: UnhealthyCondition represents a Node condition + type and value with a timeout specified as a duration. When + the named condition has been in the given status for + at least the timeout value, a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed + if the number of machines selected by "selector" as + not healthy is within the range of "UnhealthyRange". + Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This + means that remediation will be allowed only when: (a) + there are at least 3 unhealthy machines (and) (b) there + are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the ControlPlane + and the Machines of the ControlPlane if the ControlPlaneTemplate + referenced by the ClusterClass is machine based. If not, + it is applied only to the ControlPlane. At runtime this + metadata is merged with the corresponding metadata from + the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. 
+ type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + replicas: + description: Replicas is the number of control plane nodes. + If the value is nil, the ControlPlane object is created + without the number of Replicas and it's assumed that the + control plane controller does not implement support for + this field. When specified against a control plane provider + that lacks support for this field, this value will be ignored. + format: int32 + type: integer + type: object + rolloutAfter: + description: "RolloutAfter performs a rollout of the entire cluster + one component at a time, control plane first and then machine + deployments. \n Deprecated: This field has no function and is + going to be removed in the next apiVersion." + format: date-time + type: string + variables: + description: Variables can be used to customize the Cluster through + patches. They must comply to the corresponding VariableClasses + defined in the ClusterClass. + items: + description: ClusterVariable can be used to customize the Cluster + through patches. Each ClusterVariable is associated with a + Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where the definition + of this Variable is from. 
DefinitionFrom is `inline` when + the definition is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass `.spec.patches` + where the patch is external and provides external variables. + This field is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: the value will + be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to use apiextensionsv1.JSON + instead of a custom JSON type, because controller-tools + has a hard-coded schema for apiextensionsv1.JSON which + cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + version: + description: The Kubernetes version of the cluster. + type: string + workers: + description: Workers encapsulates the different constructs that + form the worker nodes for the cluster. + properties: + machineDeployments: + description: MachineDeployments is a list of machine deployments + in the cluster. + items: + description: MachineDeploymentTopology specifies the different + parameters for a set of worker nodes in the topology. + This set of nodes is managed by a MachineDeployment object + whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachineDeploymentClass + used to create the set of worker nodes. This should + match one of the deployment classes defined in the + ClusterClass object mentioned in the `Cluster.Spec.Class` + field. 
+ type: string + failureDomain: + description: FailureDomain is the failure domain the + machines will be created in. Must match a key in the + FailureDomains map stored on the cluster object. + type: string + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable + and override the MachineHealthCheck configuration + in the ClusterClass for this MachineDeployment. + properties: + enable: + description: "Enable controls if a MachineHealthCheck + should be created for the target machines. \n + If false: No MachineHealthCheck will be created. + \n If not set(default): A MachineHealthCheck will + be created if it is defined here or in the associated + ClusterClass. If no MachineHealthCheck is defined + then none will be created. \n If true: A MachineHealthCheck + is guaranteed to be created. Cluster validation + will block if `enable` is true and no MachineHealthCheck + definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed + if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without + a node will be considered to have failed and will + be remediated. If you wish to disable this feature, + set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference + to a remediation template provided by an infrastructure + provider. \n This field is completely optional, + when filled, the MachineHealthCheck controller + creates a new object from the template referenced + and hands off remediation of the machine to a + controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list + of the conditions that determine whether a node + is considered unhealthy. The conditions are combined + in a logical OR, i.e. if any of the conditions + is met, the node is unhealthy. 
+ items: + description: UnhealthyCondition represents a Node + condition type and value with a timeout specified + as a duration. When the named condition has + been in the given status for at least the timeout + value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed + if the number of machines selected by "selector" + as not healthy is within the range of "UnhealthyRange". + Takes precedence over MaxUnhealthy. Eg. "[3-5]" + - This means that remediation will be allowed + only when: (a) there are at least 3 unhealthy + machines (and) (b) there are at most 5 unhealthy + machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the + MachineDeployment and the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding + metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly + created machine should be ready. 
Defaults to 0 (machine + will be considered available as soon as it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this + MachineDeploymentTopology. The value is used with + other unique identifiers to create a MachineDeployment's + Name (e.g. cluster's name, etc). In case the name + is greater than the allowed maximum length, the values + are hashed together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the + controller will attempt to delete the Node that the + Machine hosts after the Machine is marked for deletion. + A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of + time that the controller will spend on draining a + node. The default value is 0, meaning that the node + can be drained without any time limitations. NOTE: + NodeDrainTimeout is different from `kubectl drain + --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting + for all volumes to be detached. The default value + is 0, meaning that the volumes can be detached without + any time limitations. + type: string + replicas: + description: Replicas is the number of worker nodes + belonging to this set. If the value is nil, the MachineDeployment + is created without the number of Replicas (defaulting + to 1) and it's assumed that an external entity (like + cluster autoscaler) is responsible for the management + of this value. + format: int32 + type: integer + strategy: + description: The deployment strategy to use to replace + existing machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present + only if MachineDeploymentStrategyType = RollingUpdate. 
+ properties: + deletePolicy: + description: DeletePolicy defines the policy + used by the MachineDeployment to identify + nodes to delete when downscaling. Valid values + are "Random, "Newest", "Oldest" When no value + is supplied, the default DeletePolicy of MachineSet + is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines + that can be scheduled above the desired number + of machines. Value can be an absolute number + (ex: 5) or a percentage of desired machines + (ex: 10%). This can not be 0 if MaxUnavailable + is 0. Absolute number is calculated from percentage + by rounding up. Defaults to 1. Example: when + this is set to 30%, the new MachineSet can + be scaled up immediately when the rolling + update starts, such that the total number + of old and new machines do not exceed 130% + of desired machines. Once old machines have + been killed, new MachineSet can be scaled + up further, ensuring that total number of + machines running at any time during the update + is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines + that can be unavailable during the update. + Value can be an absolute number (ex: 5) or + a percentage of desired machines (ex: 10%). + Absolute number is calculated from percentage + by rounding down. This can not be 0 if MaxSurge + is 0. Defaults to 0. Example: when this is + set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately + when the rolling update starts. Once new machines + are ready, old MachineSet can be scaled down + further, followed by scaling up the new MachineSet, + ensuring that the total number of machines + available at all times during the update is + at least 70% of desired machines.' 
+ x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values + are RollingUpdate and OnDelete. The default is + RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + variables: + description: Variables can be used to customize the + MachineDeployment through patches. + properties: + overrides: + description: Overrides can be used to override Cluster + level variables. + items: + description: ClusterVariable can be used to customize + the Cluster through patches. Each ClusterVariable + is associated with a Variable definition in + the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where + the definition of this Variable is from. + DefinitionFrom is `inline` when the definition + is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass + `.spec.patches` where the patch is external + and provides external variables. This field + is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: + the value will be validated against the + schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to + use apiextensionsv1.JSON instead of a custom + JSON type, because controller-tools has + a hard-coded schema for apiextensionsv1.JSON + which cannot be produced by another type + via controller-tools, i.e. it is not possible + to have no type field. 
Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + machinePools: + description: MachinePools is a list of machine pools in the + cluster. + items: + description: MachinePoolTopology specifies the different + parameters for a pool of worker nodes in the topology. + This pool of nodes is managed by a MachinePool object + whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachinePoolClass + used to create the pool of worker nodes. This should + match one of the deployment classes defined in the + ClusterClass object mentioned in the `Cluster.Spec.Class` + field. + type: string + failureDomains: + description: FailureDomains is the list of failure domains + the machine pool will be created in. Must match a + key in the FailureDomains map stored on the cluster + object. + items: + type: string + type: array + metadata: + description: Metadata is the metadata applied to the + MachinePool. At runtime this metadata is merged with + the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly + created machine pool should be ready. Defaults to + 0 (machine will be considered available as soon as + it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this + MachinePoolTopology. The value is used with other + unique identifiers to create a MachinePool's Name + (e.g. cluster's name, etc). In case the name is greater + than the allowed maximum length, the values are hashed + together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the + controller will attempt to delete the Node that the + MachinePool hosts after the MachinePool is marked + for deletion. A duration of 0 will retry deletion + indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of + time that the controller will spend on draining a + node. The default value is 0, meaning that the node + can be drained without any time limitations. NOTE: + NodeDrainTimeout is different from `kubectl drain + --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting + for all volumes to be detached. The default value + is 0, meaning that the volumes can be detached without + any time limitations. + type: string + replicas: + description: Replicas is the number of nodes belonging + to this pool. If the value is nil, the MachinePool + is created without the number of Replicas (defaulting + to 1) and it's assumed that an external entity (like + cluster autoscaler) is responsible for the management + of this value. + format: int32 + type: integer + variables: + description: Variables can be used to customize the + MachinePool through patches. 
+ properties: + overrides: + description: Overrides can be used to override Cluster + level variables. + items: + description: ClusterVariable can be used to customize + the Cluster through patches. Each ClusterVariable + is associated with a Variable definition in + the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where + the definition of this Variable is from. + DefinitionFrom is `inline` when the definition + is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass + `.spec.patches` where the patch is external + and provides external variables. This field + is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: + the value will be validated against the + schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to + use apiextensionsv1.JSON instead of a custom + JSON type, because controller-tools has + a hard-coded schema for apiextensionsv1.JSON + which cannot be produced by another type + via controller-tools, i.e. it is not possible + to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + type: object + required: + - class + - version + type: object + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. 
+ properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. 
+ type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced + from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem + reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a fatal problem + reconciling the state, and will be set to a token value suitable + for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. 
+ type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: extensionconfigs.runtime.cluster.x-k8s.io +spec: + group: runtime.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ExtensionConfig + listKind: ExtensionConfigList + plural: extensionconfigs + shortNames: + - ext + singular: extensionconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ExtensionConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ExtensionConfig is the Schema for the ExtensionConfig API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ExtensionConfigSpec is the desired state of the ExtensionConfig + properties: + clientConfig: + description: ClientConfig defines how to communicate with the Extension + server. 
+ properties: + caBundle: + description: CABundle is a PEM encoded CA bundle which will be + used to validate the Extension server's server certificate. + format: byte + type: string + service: + description: "Service is a reference to the Kubernetes service + for the Extension server. Note: Exactly one of `url` or `service` + must be specified. \n If the Extension server is running within + a cluster, then you should use `service`." + properties: + name: + description: Name is the name of the service. + type: string + namespace: + description: Namespace is the namespace of the service. + type: string + path: + description: Path is an optional URL path and if present may + be any string permissible in a URL. If a path is set it + will be used as prefix to the hook-specific path. + type: string + port: + description: Port is the port on the service that's hosting + the Extension server. Defaults to 443. Port should be a + valid port number (1-65535, inclusive). + format: int32 + type: integer + required: + - name + - namespace + type: object + url: + description: "URL gives the location of the Extension server, + in standard URL form (`scheme://host:port/path`). Note: Exactly + one of `url` or `service` must be specified. \n The scheme must + be \"https\". \n The `host` should not refer to a service running + in the cluster; use the `service` field instead. \n A path is + optional, and if present may be any string permissible in a + URL. If a path is set it will be used as prefix to the hook-specific + path. \n Attempting to use a user or basic auth e.g. \"user:password@\" + is not allowed. Fragments (\"#...\") and query parameters (\"?...\") + are not allowed either." + type: string + type: object + namespaceSelector: + description: NamespaceSelector decides whether to call the hook for + an object based on whether the namespace for that object matches + the selector. Defaults to the empty LabelSelector, which matches + all objects. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + settings: + additionalProperties: + type: string + description: 'Settings defines key value pairs to be passed to all + calls to all supported RuntimeExtensions. Note: Settings can be + overridden on the ClusterClass.' + type: object + required: + - clientConfig + type: object + status: + description: ExtensionConfigStatus is the current state of the ExtensionConfig + properties: + conditions: + description: Conditions define the current service state of the ExtensionConfig. + items: + description: Condition defines an observation of a Cluster API resource + operational state. 
+ properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + handlers: + description: Handlers defines the current ExtensionHandlers supported + by an Extension. + items: + description: ExtensionHandler specifies the details of a handler + for a particular runtime hook registered by an Extension server. + properties: + failurePolicy: + description: FailurePolicy defines how failures in calls to + the ExtensionHandler should be handled by a client. Defaults + to Fail if not set. + type: string + name: + description: Name is the unique name of the ExtensionHandler. 
+ type: string + requestHook: + description: RequestHook defines the versioned runtime hook + which this ExtensionHandler serves. + properties: + apiVersion: + description: APIVersion is the group and version of the + Hook. + type: string + hook: + description: Hook is the name of the hook. + type: string + required: + - apiVersion + - hook + type: object + timeoutSeconds: + description: TimeoutSeconds defines the timeout duration for + client calls to the ExtensionHandler. Defaults to 10 is not + set. + format: int32 + type: integer + required: + - name + - requestHook + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddressclaims.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddressClaim + listKind: IPAddressClaimList + plural: ipaddressclaims + singular: ipaddressclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address + should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created + for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address + should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. 
+ type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created + for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddresses.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddress + listKind: IPAddressList + plural: ipaddresses + singular: ipaddress + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was + created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address + is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress + was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. 
+ type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name name: Pool Name type: string - - description: Kind of the pool to allocate an address from - jsonPath: .spec.poolRef.kind - name: Pool Kind + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was + created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. 
apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address + is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress + was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. + type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinedeployments.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineDeployment + listKind: MachineDeploymentList + plural: machinedeployments + shortNames: + - md + singular: machinedeployment + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: MachineDeployment status 
such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachineDeployment is the Schema for the machinedeployments API. + \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. 
+ minLength: 1 + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + should be ready. Defaults to 0 (machine will be considered available + as soon as it is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make + progress before it is considered to be failed. The deployment controller + will continue to process failed deployments and a condition with + a ProgressDeadlineExceeded reason will be surfaced in the deployment + status. Note that progress will not be estimated during the time + a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + selector: + description: Label selector for machines. Existing MachineSets whose + machines are selected by this will be the ones affected by this + deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. 
+ type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType + = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled + above the desired number of machines. Value can be an absolute + number (ex: 5) or a percentage of desired machines (ex: + 10%). This can not be 0 if MaxUnavailable is 0. Absolute + number is calculated from percentage by rounding up. Defaults + to 1. Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new machines do not + exceed 130% of desired machines. Once old machines have + been killed, new MachineSet can be scaled up further, ensuring + that total number of machines running at any time during + the update is at most 130% of desired machines.' 
+ x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired machines (ex: 10%). Absolute + number is calculated from percentage by rounding down. This + can not be 0 if MaxSurge is 0. Defaults to 0. Example: when + this is set to 30%, the old MachineSet can be scaled down + to 70% of desired machines immediately when the rolling + update starts. Once new machines are ready, old MachineSet + can be scaled down further, followed by scaling up the new + MachineSet, ensuring that the total number of machines available + at all times during the update is at least 70% of desired + machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Currently the only supported + strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by + the server, to generate a unique name ONLY IF the Name field + has not been provided. If this field is used, the name returned + to the client will be different than the name passed. This + value will also be combined with a unique suffix. 
The provided + value has the same validation rules as the Name field, and + may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is + specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created + or 500 with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the + Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + \n Deprecated: This field has no function and is going to + be removed in a next release." + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: "Name must be unique within a namespace. Is required + when creating resources, although some resources may allow + a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence + and configuration definition. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/identifiers#names \n + Deprecated: This field has no function and is going to be + removed in a next release." + type: string + namespace: + description: "Namespace defines the space within each name + must be unique. An empty namespace is equivalent to the + \"default\" namespace, but \"default\" is the canonical + representation. Not all objects are required to be scoped + to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. 
+ More info: http://kubernetes.io/docs/user-guide/namespaces + \n Deprecated: This field has no function and is going to + be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If + ALL objects in the list have been deleted, this object will + be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, + with the controller field set to true. There cannot be more + than one managing controller. \n Deprecated: This field + has no function and is going to be removed in a next release." + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the + key-value store until this reference is removed. See + https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this + field and enforces the foreground deletion. Defaults + to false. To set this field, a user needs "delete" + permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.Data + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as + cloud-init details scripts. If nil, the Machine should + remain in the Pending state. \n Deprecated: Switch to + DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. 
+ This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least + minReadySeconds) targeted by this deployment. + format: int32 + type: integer + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + deployment (their labels match the selector). 
+ format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + deployment. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet available or + machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + deployment that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - 
description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineDeployment is the Schema for the machinedeployments API. + \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + should be ready. Defaults to 0 (machine will be considered available + as soon as it is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make + progress before it is considered to be failed. The deployment controller + will continue to process failed deployments and a condition with + a ProgressDeadlineExceeded reason will be surfaced in the deployment + status. 
Note that progress will not be estimated during the time + a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + default: 1 + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + selector: + description: Label selector for machines. Existing MachineSets whose + machines are selected by this will be the ones affected by this + deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". 
The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType + = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment + to identify nodes to delete when downscaling. Valid values + are "Random, "Newest", "Oldest" When no value is supplied, + the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled + above the desired number of machines. Value can be an absolute + number (ex: 5) or a percentage of desired machines (ex: + 10%). This can not be 0 if MaxUnavailable is 0. Absolute + number is calculated from percentage by rounding up. Defaults + to 1. Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new machines do not + exceed 130% of desired machines. Once old machines have + been killed, new MachineSet can be scaled up further, ensuring + that total number of machines running at any time during + the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired machines (ex: 10%). Absolute + number is calculated from percentage by rounding down. This + can not be 0 if MaxSurge is 0. Defaults to 0. 
Example: when + this is set to 30%, the old MachineSet can be scaled down + to 70% of desired machines immediately when the rolling + update starts. Once new machines are ready, old MachineSet + can be scaled down further, followed by scaling up the new + MachineSet, ensuring that the total number of machines available + at all times during the update is at least 70% of desired + machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. 
+ properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. 
+ This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least + minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
+ Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + deployment. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet available or + machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + deployment that have the desired template spec. 
+ format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachineDeployment + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachineDeployment + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineDeployment is the Schema for the machinedeployments API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a Node for a newly created machine should be ready before + considering the replica available. Defaults to 0 (machine will be + considered available as soon as the Node is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make + progress before it is considered to be failed. The deployment controller + will continue to process failed deployments and a condition with + a ProgressDeadlineExceeded reason will be surfaced in the deployment + status. Note that progress will not be estimated during the time + a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + description: "Number of desired machines. This is a pointer to distinguish + between explicit zero and not specified. 
\n Defaults to: * if the + Kubernetes autoscaler min size and max size annotations are set: + - if it's a new MachineDeployment, use min size - if the replicas + field of the old MachineDeployment is < min size, use min size - + if the replicas field of the old MachineDeployment is > max size, + use max size - if the replicas field of the old MachineDeployment + is in the (min size, max size) range, keep the value from the oldMD + * otherwise use 1 Note: Defaulting will be run whenever the replicas + field is not set: * A new MachineDeployment is created with replicas + not set. * On an existing MachineDeployment the replicas field was + first set and is now unset. Those cases are especially relevant + for the following Kubernetes autoscaler use cases: * A new MachineDeployment + is created and replicas should be managed by the autoscaler * An + existing MachineDeployment which initially wasn't controlled by + the autoscaler should be later controlled by the autoscaler" + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + rolloutAfter: + description: 'RolloutAfter is a field to indicate a rollout should + be performed after the specified time even if no changes have been + made to the MachineDeployment. Example: In the YAML the time can + be specified in the RFC3339 format. To specify the rolloutAfter + target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + format: date-time + type: string + selector: + description: Label selector for machines. Existing MachineSets whose + machines are selected by this will be the ones affected by this + deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType + = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment + to identify nodes to delete when downscaling. Valid values + are "Random, "Newest", "Oldest" When no value is supplied, + the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled + above the desired number of machines. 
Value can be an absolute + number (ex: 5) or a percentage of desired machines (ex: + 10%). This can not be 0 if MaxUnavailable is 0. Absolute + number is calculated from percentage by rounding up. Defaults + to 1. Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new machines do not + exceed 130% of desired machines. Once old machines have + been killed, new MachineSet can be scaled up further, ensuring + that total number of machines running at any time during + the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired machines (ex: 10%). Absolute + number is calculated from percentage by rounding down. This + can not be 0 if MaxSurge is 0. Defaults to 0. Example: when + this is set to 30%, the old MachineSet can be scaled down + to 70% of desired machines immediately when the rolling + update starts. Once new machines are ready, old MachineSet + can be scaled down further, followed by scaling up the new + MachineSet, ensuring that the total number of machines available + at all times during the update is at least 70% of desired + machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values are RollingUpdate + and OnDelete. The default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. 
For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. 
+ type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. 
+ This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least + minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + deployment. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet available or + machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + deployment that have the desired template spec. 
+ format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinehealthchecks.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineHealthCheck + listKind: MachineHealthCheckList + plural: machinehealthchecks + shortNames: + - mhc + - mhcs + singular: machinehealthcheck + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachineHealthCheck is the Schema for the machinehealthchecks + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. 
Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. 
+ type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. 
+ items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + currentHealthy: + description: total number of healthy machines counted by this machine + health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. 
+ format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster type: string - - description: Time duration since creation of IPAdressClaim + - description: Time duration since creation of MachineHealthCheck jsonPath: .metadata.creationTimestamp name: Age type: date - name: v1beta1 + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: IPAddressClaim is the Schema for the ipaddressclaim API. + description: "MachineHealthCheck is the Schema for the machinehealthchecks + API. \n Deprecated: This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -4383,47 +7022,159 @@ spec: metadata: type: object spec: - description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + description: Specification of machine health check policy properties: - poolRef: - description: PoolRef is a reference to the pool from which an IP address - should be created. + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. If not set, + this value is defaulted to 10 minutes. If you wish to disable this + feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Cluster API." properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' type: string kind: - description: Kind is the type of resource being referenced + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: Name is the name of resource being referenced + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - required: - - kind - - name + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. 
+ properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object type: object x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number + of machines selected by "selector" as not healthy is within the + range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. 
+ "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) (b) there are + at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string required: - - poolRef + - clusterName + - selector + - unhealthyConditions type: object status: - description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + description: Most recently observed status of MachineHealthCheck resource properties: - addressRef: - description: AddressRef is a reference to the address that was created - for this claim. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic conditions: - description: Conditions summarises the current state of the IPAddressClaim + description: Conditions defines current service state of the MachineHealthCheck. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -4462,300 +7213,72 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: ipaddresses.ipam.cluster.x-k8s.io -spec: - group: ipam.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: IPAddress - listKind: IPAddressList - plural: ipaddresses - singular: ipaddress - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Address - jsonPath: .spec.address - name: Address - type: string - - description: Name of the pool the address is from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool the address is from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdress - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPAddress is the Schema for the ipaddress API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressSpec is the desired state of an IPAddress. - properties: - address: - description: Address is the IP address. - type: string - claimRef: - description: ClaimRef is a reference to the claim this IPAddress was - created for. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - gateway: - description: Gateway is the network gateway of the network the address - is from. - type: string - poolRef: - description: PoolRef is a reference to the pool that this IPAddress - was created from. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix is the prefix of the address. 
- type: integer - required: - - address - - claimRef - - poolRef - - prefix - type: object - type: object - served: true - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Address - jsonPath: .spec.address - name: Address - type: string - - description: Name of the pool the address is from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool the address is from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdress - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: IPAddress is the Schema for the ipaddress API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressSpec is the desired state of an IPAddress. - properties: - address: - description: Address is the IP address. - type: string - claimRef: - description: ClaimRef is a reference to the claim this IPAddress was - created for. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' 
- type: string - type: object - x-kubernetes-map-type: atomic - gateway: - description: Gateway is the network gateway of the network the address - is from. - type: string - poolRef: - description: PoolRef is a reference to the pool that this IPAddress - was created from. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix is the prefix of the address. - type: integer - required: - - address - - claimRef - - poolRef - - prefix - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machinedeployments.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: MachineDeployment - listKind: MachineDeploymentList - plural: machinedeployments - shortNames: - - md - singular: machinedeployment - scope: Namespaced - versions: + type: array + currentHealthy: + description: total number of healthy machines counted by this 
machine + health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName name: Cluster type: string - - description: Time duration since creation of MachineDeployment + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + - description: Time duration since creation of MachineHealthCheck jsonPath: .metadata.creationTimestamp name: Age type: date - - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown - jsonPath: .status.phase - name: Phase - type: string - - description: Total number of non-terminated machines targeted by this MachineDeployment - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of ready machines targeted by this MachineDeployment - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of 
non-terminated machines targeted by this deployment - that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this MachineDeployment - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - deprecated: true - name: v1alpha4 + name: v1beta1 schema: openAPIV3Schema: - description: "MachineDeployment is the Schema for the machinedeployments API. - \n Deprecated: This type will be removed in one of the next releases." + description: MachineHealthCheck is the Schema for the machinehealthchecks + API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -4770,331 +7293,159 @@ spec: metadata: type: object spec: - description: MachineDeploymentSpec defines the desired state of MachineDeployment. + description: Specification of machine health check policy properties: clusterName: description: ClusterName is the name of the Cluster this object belongs to. minLength: 1 type: string - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - should be ready. Defaults to 0 (machine will be considered available - as soon as it is ready) - format: int32 - type: integer - paused: - description: Indicates that the deployment is paused. - type: boolean - progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - format: int32 - type: integer - replicas: - default: 1 - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 1. - format: int32 - type: integer - selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. 
- properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - strategy: - description: The deployment strategy to use to replace existing machines - with new ones. + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. If not set, + this value is defaulted to 10 minutes. If you wish to disable this + feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. 
\n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Cluster API." properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. - properties: - deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. 
Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object - template: - description: Template describes the machines that will be created. + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. 
With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. type: object type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number + of machines selected by "selector" as not healthy is within the + range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. + "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) (b) there are + at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string required: - clusterName - selector - - template + - unhealthyConditions type: object status: - description: MachineDeploymentStatus defines the observed state of MachineDeployment. - properties: - availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. - format: int32 - type: integer + description: Most recently observed status of MachineHealthCheck resource + properties: conditions: - description: Conditions defines current service state of the MachineDeployment. + description: Conditions defines current service state of the MachineHealthCheck. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -5133,99 +7484,110 @@ spec: important. type: string required: + - lastTransitionTime - status - type type: object type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of a MachineDeployment - (ScalingUp, ScalingDown, Running, Failed, or Unknown). - type: string - readyReplicas: - description: Total number of ready machines targeted by this deployment. + currentHealthy: + description: total number of healthy machines counted by this machine + health check format: int32 + minimum: 0 type: integer - replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). + expectedMachines: + description: total number of machines counted by this machine health + check format: int32 + minimum: 0 type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. - format: int32 + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. 
+ remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied format: int32 + minimum: 0 type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array type: object type: object - served: false - storage: false + served: true + storage: true subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinepools.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachinePool + listKind: MachinePoolList + plural: machinepools + shortNames: + - mp + singular: machinepool + scope: Namespaced + versions: - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Total number of machines desired by this MachineDeployment - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: Total number of non-terminated machines targeted by this MachineDeployment + - description: MachinePool replicas count jsonPath: .status.replicas name: Replicas - type: integer - - description: Total number of ready machines 
targeted by this MachineDeployment - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this deployment - that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this MachineDeployment - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc jsonPath: .status.phase name: Phase type: string - - description: Time duration since creation of MachineDeployment - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this MachineDeployment + - description: Kubernetes version associated with this MachinePool jsonPath: .spec.template.spec.version name: Version type: string - name: v1beta1 + deprecated: true + name: v1alpha3 schema: openAPIV3Schema: - description: MachineDeployment is the Schema for the machinedeployments API. + description: "MachinePool is the Schema for the machinepools API. \n Deprecated: + This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -5237,133 +7599,49 @@ spec: object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - metadata: - type: object - spec: - description: MachineDeploymentSpec defines the desired state of MachineDeployment. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a Node for a newly created machine should be ready before - considering the replica available. Defaults to 0 (machine will be - considered available as soon as the Node is ready) - format: int32 - type: integer - paused: - description: Indicates that the deployment is paused. - type: boolean - progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - format: int32 - type: integer - replicas: - description: "Number of desired machines. This is a pointer to distinguish - between explicit zero and not specified. 
\n Defaults to: * if the - Kubernetes autoscaler min size and max size annotations are set: - - if it's a new MachineDeployment, use min size - if the replicas - field of the old MachineDeployment is < min size, use min size - - if the replicas field of the old MachineDeployment is > max size, - use max size - if the replicas field of the old MachineDeployment - is in the (min size, max size) range, keep the value from the oldMD - * otherwise use 1 Note: Defaulting will be run whenever the replicas - field is not set: * A new MachineDeployment is created with replicas - not set. * On an existing MachineDeployment the replicas field was - first set and is now unset. Those cases are especially relevant - for the following Kubernetes autoscaler use cases: * A new MachineDeployment - is created and replicas should be managed by the autoscaler * An - existing MachineDeployment which initially wasn't controlled by - the autoscaler should be later controlled by the autoscaler" - format: int32 - type: integer - revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 1. - format: int32 - type: integer - rolloutAfter: - description: 'RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the MachineDeployment. Example: In the YAML the time can - be specified in the RFC3339 format. To specify the rolloutAfter - target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' - format: date-time - type: string - selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + instances should be ready. Defaults to 0 (machine instance will + be considered available as soon as it is ready) + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine + instances provided by the provider. 
This field must match the provider + IDs as seen on the node objects corresponding to a machine pool's + machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer strategy: - description: The deployment strategy to use to replace existing machines - with new ones. + description: The deployment strategy to use to replace existing machine + instances with new ones. properties: rollingUpdate: description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. properties: - deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest - type: string maxSurge: anyOf: - type: integer @@ -5400,11 +7678,8 @@ spec: x-kubernetes-int-or-string: true type: object type: - description: Type of deployment. Allowed values are RollingUpdate - and OnDelete. The default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete + description: Type of deployment. Currently the only supported + strategy is "RollingUpdate". Default is RollingUpdate. type: string type: object template: 
@@ -5422,6 +7697,25 @@ spec: and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' type: object + generateName: + description: "GenerateName is an optional prefix, used by + the server, to generate a unique name ONLY IF the Name field + has not been provided. If this field is used, the name returned + to the client will be different than the name passed. This + value will also be combined with a unique suffix. The provided + value has the same validation rules as the Name field, and + may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is + specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created + or 500 with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the + Retry-After header). \n Applied only if Name is not specified. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + \n Deprecated: This field has no function and is going to + be removed in a next release." + type: string labels: additionalProperties: type: string 
@@ -5430,6 +7724,76 @@ spec: match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object + name: + description: "Name must be unique within a namespace. Is required + when creating resources, although some resources may allow + a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence + and configuration definition. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/identifiers#names \n + Deprecated: This field has no function and is going to be + removed in a next release." + type: string + namespace: + description: "Namespace defines the space within each name + must be unique. An empty namespace is equivalent to the + \"default\" namespace, but \"default\" is the canonical + representation. Not all objects are required to be scoped + to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces + \n Deprecated: This field has no function and is going to + be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If + ALL objects in the list have been deleted, this object will + be garbage collected. If this object is managed by a controller, + then an entry in this list will point to this controller, + with the controller field set to true. There cannot be more + than one managing controller. \n Deprecated: This field + has no function and is going to be removed in a next release." + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the + key-value store until this reference is removed. See + https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this + field and enforces the foreground deletion. Defaults + to false. To set this field, a user needs "delete" + permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array type: object spec: description: 'Specification of the desired behavior of the machine. @@ -5443,7 +7807,7 @@ spec: configRef: description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName + is optional to allow users/operators to specify Bootstrap.Data without the need of a controller. properties: apiVersion: 
@@ -5483,6 +7847,12 @@ spec: type: string type: object x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as + cloud-init details scripts. If nil, the Machine should + remain in the Pending state. \n Deprecated: Switch to + DataSecretName." + type: string dataSecretName: description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine @@ -5538,12 +7908,6 @@ spec: type: string type: object x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string nodeDrainTimeout: description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default @@ -5551,12 +7915,6 @@ spec: any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. - type: string providerID: description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider 
@@ -5587,19 +7945,21 @@ spec: type: object required: - clusterName - - selector - template type: object status: - description: MachineDeploymentStatus defines the observed state of MachineDeployment. + description: MachinePoolStatus defines the observed state of MachinePool. properties: availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. format: int32 type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean conditions: - description: Conditions defines current service state of the MachineDeployment. + description: Conditions define the current service state of the MachinePool. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -5638,128 +7998,149 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of a MachineDeployment - (ScalingUp, ScalingDown, Running, Failed, or Unknown). + failureMessage: + description: FailureMessage indicates that there is a problem reconciling + the state, and will be set to a descriptive error message. type: string - readyReplicas: - description: Total number of ready machines targeted by this deployment. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + failureReason: + description: FailureReason indicates that there is a problem reconciling + the state, and will be set to a token value suitable for programmatic + interpretation. type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. 
- format: int32 - type: integer - type: object - type: object - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machinehealthchecks.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: MachineHealthCheck - listKind: MachineHealthCheckList - plural: machinehealthchecks - shortNames: - - mhc - - mhcs - singular: machinehealthcheck - scope: Namespaced - versions: + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. 
In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' 
+ type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted + by this machine pool. This is the total number of machine instances + that are still required for the machine pool to have 100% available + capacity. They may either be machine instances that are running + but not yet available or machine instances that still have not been + created. 
+ format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of MachineHealthCheck + - description: Time duration since creation of MachinePool jsonPath: .metadata.creationTimestamp name: Age type: date - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines - type: integer - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer deprecated: true name: v1alpha4 schema: openAPIV3Schema: - description: "MachineHealthCheck is the Schema for the machinehealthchecks - API. \n Deprecated: This type will be removed in one of the next releases." + description: "MachinePool is the Schema for the machinepools API. \n Deprecated: + This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -5774,159 +8155,221 @@ spec: metadata: type: object spec: - description: Specification of machine health check policy + description: MachinePoolSpec defines the desired state of MachinePool. properties: clusterName: description: ClusterName is the name of the Cluster this object belongs to. minLength: 1 type: string - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' 
- type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - selector: - description: Label selector to match machines whose health will be - exercised + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + instances should be ready. Defaults to 0 (machine instance will + be considered available as soon as it is ready) + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine + instances provided by the provider. This field must match the provider + IDs as seen on the node objects corresponding to a machine pool's + machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. 
properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. 
+ This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef type: object type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - minItems: 1 - type: array - unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. 
Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string required: - clusterName - - selector - - unhealthyConditions + - template type: object status: - description: Most recently observed status of MachineHealthCheck resource + description: MachinePoolStatus defines the observed state of MachinePool. properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean conditions: - description: Conditions defines current service state of the MachineHealthCheck. + description: Conditions define the current service state of the MachinePool. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -5969,68 +8412,152 @@ spec: - type type: object type: array - currentHealthy: - description: total number of healthy machines counted by this machine - health check - format: int32 - minimum: 0 - type: integer - expectedMachines: - description: total number of machines counted by this machine health - check - format: int32 - minimum: 0 - type: integer + failureMessage: + description: FailureMessage indicates that there is a problem reconciling + the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling + the state, and will be set to a token value suitable for programmatic + interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. 
In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array observedGeneration: description: ObservedGeneration is the latest generation observed by the controller. format: int64 type: integer - remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted + by this machine pool. This is the total number of machine instances + that are still required for the machine pool to have 100% available + capacity. They may either be machine instances that are running + but not yet available or machine instances that still have not been + created. 
format: int32 - minimum: 0 type: integer - targets: - description: Targets shows the current list of machines the machine - health check is watching - items: - type: string - type: array type: object type: object served: false storage: false subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas status: {} - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName name: Cluster type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines + - description: Total number of machines desired by this MachinePool + jsonPath: .spec.replicas + name: Desired + priority: 10 type: integer - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas type: string - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer - - description: Time duration since creation of MachineHealthCheck + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachinePool jsonPath: .metadata.creationTimestamp name: Age type: date + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string name: v1beta1 schema: openAPIV3Schema: - description: MachineHealthCheck is the Schema for the machinehealthchecks - API. + description: MachinePool is the Schema for the machinepools API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -6045,159 +8572,234 @@ spec: metadata: type: object spec: - description: Specification of machine health check policy + description: MachinePoolSpec defines the desired state of MachinePool. properties: clusterName: description: ClusterName is the name of the Cluster this object belongs to. minLength: 1 type: string - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' 
- type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - selector: - description: Label selector to match machines whose health will be - exercised + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: 'Minimum number of seconds for which a newly created + machine instances should be ready. Defaults to 0 (machine instance + will be considered available as soon as it is ready) NOTE: No logic + is implemented for this field and it currently has no behaviour.' + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine + instances provided by the provider. This field must match the provider + IDs as seen on the node objects corresponding to a machine pool's + machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. 
+ format: int32 + type: integer + template: + description: Template describes the machines that will be created. properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. 
A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. 
The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef type: object type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. 
- properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - minItems: 1 - type: array - unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string required: - clusterName - - selector - - unhealthyConditions + - template type: object status: - description: Most recently observed status of MachineHealthCheck resource + description: MachinePoolStatus defines the observed state of MachinePool. properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean conditions: - description: Conditions defines current service state of the MachineHealthCheck. + description: Conditions define the current service state of the MachinePool. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -6241,41 +8843,120 @@ spec: - type type: object type: array - currentHealthy: - description: total number of healthy machines counted by this machine - health check - format: int32 - minimum: 0 - type: integer - expectedMachines: - description: total number of machines counted by this machine health - check - format: int32 - minimum: 0 - type: integer + failureMessage: + description: FailureMessage indicates that there is a problem reconciling + the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling + the state, and will be set to a token value suitable for programmatic + interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. 
In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array observedGeneration: description: ObservedGeneration is the latest generation observed by the controller. format: int64 type: integer - remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted + by this machine pool. This is the total number of machine instances + that are still required for the machine pool to have 100% available + capacity. They may either be machine instances that are running + but not yet available or machine instances that still have not been + created. format: int32 - minimum: 0 type: integer - targets: - description: Targets shows the current list of machines the machine - health check is watching - items: - type: string - type: array type: object type: object served: true storage: true subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas status: {} status: acceptedNames: 
@@ -6294,7 +8975,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: machinepools.cluster.x-k8s.io + name: machines.cluster.x-k8s.io spec: conversion: strategy: Webhook @@ -6312,38 +8993,38 @@ spec: names: categories: - cluster-api - kind: MachinePool - listKind: MachinePoolList - plural: machinepools + kind: Machine + listKind: MachineList + plural: machines shortNames: - - mp - singular: machinepool + - ma + singular: machine scope: Namespaced versions: - additionalPrinterColumns: - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: MachinePool replicas count - jsonPath: .status.replicas - name: Replicas + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID type: string - - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed - etc + - description: Machine status such as Terminating/Pending/Running/Failed etc jsonPath: .status.phase name: Phase type: string - - description: Kubernetes version associated with this MachinePool - jsonPath: .spec.template.spec.version + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version name: Version type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string deprecated: true - name: v1alpha4 + name: v1alpha3 schema: openAPIV3Schema: - description: "MachinePool is the Schema for the machinepools API. \n Deprecated: - This type will be removed in one of the next releases." + description: "Machine is the Schema for the machines API. \n Deprecated: This + type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -6358,221 +9039,169 @@ spec: metadata: type: object spec: - description: MachinePoolSpec defines the desired state of MachinePool. + description: MachineSpec defines the desired state of Machine. properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomains: - description: FailureDomains is the list of failure domains this MachinePool - should be attached to. - items: - type: string - type: array - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - instances should be ready. Defaults to 0 (machine instance will - be considered available as soon as it is ready) - format: int32 - type: integer - providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. - items: - type: string - type: array - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - template: - description: Template describes the machines that will be created. + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference is + optional to allow users/operators to specify Bootstrap.Data + without the need of a controller. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. 
TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + apiVersion: + description: API version of the referent. type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. 
+ name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - bootstrap - - clusterName - - infrastructureRef type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as cloud-init + details scripts. If nil, the Machine should remain in the Pending + state. \n Deprecated: Switch to DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. If nil, the Machine should remain + in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will + be created in. Must match a key in the FailureDomains map stored + on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the + controller will spend on draining a node. The default value is 0, + meaning that the node can be drained without any time limitations. 
+ NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided + by the provider. This field must match the provider ID as seen on + the node object corresponding to this machine. This field is required + by higher level consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic in the autoscaler + compares machines to nodes to find out machines at provider which + could not get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field is required + by autoscaler to be able to have a provider view of the list of + machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines + and are marked for delete. This field will be set by the actuators + and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This + field is meant to be optionally used by bootstrap providers. + type: string required: + - bootstrap - clusterName - - template + - infrastructureRef type: object status: - description: MachinePoolStatus defines the observed state of MachinePool. + description: MachineStatus defines the observed state of Machine. properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachinePool. - format: int32 - type: integer + addresses: + description: Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. 
+ type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array bootstrapReady: description: BootstrapReady is the state of the bootstrap provider. type: boolean conditions: - description: Conditions define the current service state of the MachinePool. + description: Conditions defines current service state of the Machine. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -6616,151 +9245,134 @@ spec: type: object type: array failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. + description: "FailureMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." type: string failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. + description: "FailureReason will be set in the event that there is + a terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. \n This field should + not be set for transitive errors that a controller faces that are + expected to be fixed automatically over time (like service outages), + but instead indicate that something is fundamentally wrong with + the Machine's spec or the configuration of the controller, and that + manual intervention is required. 
Examples of terminal errors would + be invalid combinations of settings in the spec, values that are + unsupported by the controller, or the responsible controller itself + being critically misconfigured. \n Any transient errors that occur + during the reconciliation of Machines can be added as events to + the Machine object and/or logged in the controller's output." type: string infrastructureReady: description: InfrastructureReady is the state of the infrastructure provider. type: boolean - nodeRefs: - description: NodeRefs will point to the corresponding Nodes if it - they exist. - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. 
\n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic observedGeneration: description: ObservedGeneration is the latest generation observed by the controller. format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. type: string - readyReplicas: - description: The number of ready replicas for this MachinePool. A - machine is considered ready when the node has been created and is - "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. - format: int32 - type: integer + version: + description: Version specifies the current version of Kubernetes running + on the corresponding Node. This is meant to be a means of bubbling + up status from the Node to the Machine. It is entirely optional, + but useful for end-user UX if it’s present. 
+ type: string type: object type: object served: false storage: false subresources: - scale: - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas status: {} - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName name: Cluster type: string - - description: Total number of machines desired by this MachinePool - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: MachinePool replicas count - jsonPath: .status.replicas - name: Replicas + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID type: string - - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed - etc + - description: Machine status such as Terminating/Pending/Running/Failed etc jsonPath: .status.phase name: Phase type: string - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this MachinePool - jsonPath: .spec.template.spec.version + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version name: Version type: string - name: v1beta1 + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string + deprecated: true + name: v1alpha4 schema: openAPIV3Schema: - description: MachinePool is the Schema for the machinepools API. + description: "Machine is the Schema for the machines API. \n Deprecated: This + type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -6775,234 +9387,164 @@ spec: metadata: type: object spec: - description: MachinePoolSpec defines the desired state of MachinePool. + description: MachineSpec defines the desired state of Machine. properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomains: - description: FailureDomains is the list of failure domains this MachinePool - should be attached to. - items: - type: string - type: array - minReadySeconds: - description: 'Minimum number of seconds for which a newly created - machine instances should be ready. Defaults to 0 (machine instance - will be considered available as soon as it is ready) NOTE: No logic - is implemented for this field and it currently has no behaviour.' - format: int32 - type: integer - providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. - items: - type: string - type: array - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - template: - description: Template describes the machines that will be created. + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference is + optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. 
TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + apiVersion: + description: API version of the referent. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. 
+ fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. 
Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - bootstrap - - clusterName - - infrastructureRef type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. If nil, the Machine should remain + in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will + be created in. Must match a key in the FailureDomains map stored + on the cluster object. 
+ type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the + controller will spend on draining a node. The default value is 0, + meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided + by the provider. This field must match the provider ID as seen on + the node object corresponding to this machine. This field is required + by higher level consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic in the autoscaler + compares machines to nodes to find out machines at provider which + could not get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field is required + by autoscaler to be able to have a provider view of the list of + machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines + and are marked for delete. This field will be set by the actuators + and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This + field is meant to be optionally used by bootstrap providers. + type: string required: + - bootstrap - clusterName - - template + - infrastructureRef type: object status: - description: MachinePoolStatus defines the observed state of MachinePool. + description: MachineStatus defines the observed state of Machine. properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachinePool. 
- format: int32 - type: integer + addresses: + description: Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array bootstrapReady: description: BootstrapReady is the state of the bootstrap provider. type: boolean conditions: - description: Conditions define the current service state of the MachinePool. + description: Conditions defines current service state of the Machine. items: description: Condition defines an observation of a Cluster API resource operational state. 
@@ -7041,178 +9583,169 @@ spec: important. type: string required: - - lastTransitionTime - status - type type: object type: array failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. + description: "FailureMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - nodeRefs: - description: NodeRefs will point to the corresponding Nodes if it - they exist. - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. 
For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). 
This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array + failureReason: + description: "FailureReason will be set in the event that there is + a terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. \n This field should + not be set for transitive errors that a controller faces that are + expected to be fixed automatically over time (like service outages), + but instead indicate that something is fundamentally wrong with + the Machine's spec or the configuration of the controller, and that + manual intervention is required. Examples of terminal errors would + be invalid combinations of settings in the spec, values that are + unsupported by the controller, or the responsible controller itself + being critically misconfigured. 
\n Any transient errors that occur + during the reconciliation of Machines can be added as events to + the Machine object and/or logged in the controller's output." + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeInfo: + description: 'NodeInfo is a set of ids/uuids to uniquely identify + the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' + properties: + architecture: + description: The Architecture reported by the node + type: string + bootID: + description: Boot ID reported by the node. + type: string + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through + runtime remote API (e.g. containerd://1.4.2). + type: string + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' + (e.g. 3.16.0-0.bpo.4-amd64). + type: string + kubeProxyVersion: + description: KubeProxy Version reported by the node. + type: string + kubeletVersion: + description: Kubelet Version reported by the node. + type: string + machineID: + description: 'MachineID reported by the node. For unique machine + identification in the cluster this field is preferred. Learn + more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' + type: string + operatingSystem: + description: The Operating System reported by the node + type: string + osImage: + description: OS Image reported by the node from /etc/os-release + (e.g. Debian GNU/Linux 7 (wheezy)). + type: string + systemUUID: + description: SystemUUID reported by the node. For unique machine + identification MachineID is preferred. 
This field is specific + to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid + type: string + required: + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID + type: object + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic observedGeneration: description: ObservedGeneration is the latest generation observed by the controller. format: int64 type: integer phase: - description: Phase represents the current phase of cluster actuation. + description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. type: string - readyReplicas: - description: The number of ready replicas for this MachinePool. A - machine is considered ready when the node has been created and is - "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. - format: int32 - type: integer + version: + description: Version specifies the current version of Kubernetes running + on the corresponding Node. This is meant to be a means of bubbling + up status from the Node to the Machine. It is entirely optional, + but useful for end-user UX if it’s present. 
+ type: string type: object type: object - served: true - storage: true + served: false + storage: false subresources: - scale: - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machines.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: Machine - listKind: MachineList - plural: machines - shortNames: - - ma - singular: machine - scope: Namespaced - versions: - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName name: Cluster type: string - - description: Time duration since creation of Machine - jsonPath: .metadata.creationTimestamp - name: Age - type: date + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + type: string - description: Provider ID jsonPath: .spec.providerID name: ProviderID 
@@ -7221,21 +9754,18 @@ spec: jsonPath: .status.phase name: Phase type: string + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date - description: Kubernetes version associated with this Machine jsonPath: .spec.version name: Version type: string - - description: Node name associated with this machine - jsonPath: .status.nodeRef.name - name: NodeName - priority: 1 - type: string - deprecated: true - name: v1alpha4 + name: v1beta1 schema: openAPIV3Schema: - description: "Machine is the Schema for the machines API. \n Deprecated: This - type will be removed in one of the next releases." + description: Machine is the Schema for the machines API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -7350,12 +9880,24 @@ spec: type: string type: object x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will + attempt to delete the Node that the Machine hosts after the Machine + is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + type: string nodeDrainTimeout: description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that + the controller will spend on waiting for all volumes to be detached. + The default value is 0, meaning that the volumes can be detached + without any time limitations. + type: string providerID: description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on 
@@ -7395,8 +9937,8 @@ spec: description: The machine address. type: string type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. type: string required: - address @@ -7406,6 +9948,11 @@ spec: bootstrapReady: description: BootstrapReady is the state of the bootstrap provider. type: boolean + certificatesExpiryDate: + description: CertificatesExpiryDate is the expiry date of the machine + certificates. This value is only set for control plane machines. + format: date-time + type: string conditions: description: Conditions defines current service state of the Machine. items: @@ -7446,6 +9993,7 @@ spec: important. type: string required: + - lastTransitionTime - status - type type: object 
@@ -7588,47 +10136,74 @@ spec: description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. type: string - version: - description: Version specifies the current version of Kubernetes running - on the corresponding Node. This is meant to be a means of bubbling - up status from the Node to the Machine. It is entirely optional, - but useful for end-user UX if it’s present. - type: string type: object type: object - served: false - storage: false + served: true + storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinesets.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineSet + listKind: MachineSetList + plural: machinesets + shortNames: + - ms + singular: machineset + scope: Namespaced + versions: - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Node name associated with this machine - jsonPath: .status.nodeRef.name - name: NodeName - type: string - - description: Provider ID - jsonPath: .spec.providerID - name: ProviderID - type: string - - description: Machine status such as Terminating/Pending/Running/Failed etc - jsonPath: .status.phase - name: Phase - type: string - - description: Time duration since creation of Machine - jsonPath: .metadata.creationTimestamp - 
name: Age - type: date - - description: Kubernetes version associated with this Machine - jsonPath: .spec.version - name: Version - type: string - name: v1beta1 + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + deprecated: true + name: v1alpha3 schema: openAPIV3Schema: - description: Machine is the Schema for the machines API. + description: "MachineSet is the Schema for the machinesets API. \n Deprecated: + This type will be removed in one of the next releases." properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation 
@@ -7643,411 +10218,412 @@ spec: metadata: type: object spec: - description: MachineSpec defines the desired state of Machine. + description: MachineSetSpec defines the desired state of MachineSet. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates - fields to configure the Machine’s bootstrapping mechanism. + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes + to delete when downscaling. Defaults to "Random". Valid values + are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a newly created machine should be ready. Defaults to 0 (machine + will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + description: Replicas is the number of desired replicas. This is a + pointer to distinguish between explicit zero and unspecified. Defaults + to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should + match the replica count. Label keys and values that must match in + order to be controlled by this MachineSet. It must match the machine + template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that + will be created if insufficient replicas are detected. Object references + to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by + the server, to generate a unique name ONLY IF the Name field + has not been provided. If this field is used, the name returned + to the client will be different than the name passed. This + value will also be combined with a unique suffix. The provided + value has the same validation rules as the Name field, and + may be truncated by the length of the suffix required to + make the value unique on the server. \n If this field is + specified and the generated name exists, the server will + NOT return a 409 - instead, it will either return 201 Created + or 500 with Reason ServerTimeout indicating a unique name + could not be found in the time allotted, and the client + should retry (optionally after the time indicated in the + Retry-After header). \n Applied only if Name is not specified. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency + \n Deprecated: This field has no function and is going to + be removed in a next release." type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: "Name must be unique within a namespace. Is required + when creating resources, although some resources may allow + a client to request the generation of an appropriate name + automatically. Name is primarily intended for creation idempotence + and configuration definition. Cannot be updated. More info: + http://kubernetes.io/docs/user-guide/identifiers#names \n + Deprecated: This field has no function and is going to be + removed in a next release." type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: "Namespace defines the space within each name + must be unique. An empty namespace is equivalent to the + \"default\" namespace, but \"default\" is the canonical + representation. Not all objects are required to be scoped + to a namespace - the value of this field for those objects + will be empty. \n Must be a DNS_LABEL. Cannot be updated. + More info: http://kubernetes.io/docs/user-guide/namespaces + \n Deprecated: This field has no function and is going to + be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If + ALL objects in the list have been deleted, this object will + be garbage collected. 
If this object is managed by a controller, + then an entry in this list will point to this controller, + with the controller field set to true. There cannot be more + than one managing controller. \n Deprecated: This field + has no function and is going to be removed in a next release." + items: + description: OwnerReference contains enough information + to let you identify an owning object. An owning object + must be in the same namespace as the dependent, or be + cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" + finalizer, then the owner cannot be deleted from the + key-value store until this reference is removed. See + https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion + for how the garbage collector interacts with this + field and enforces the foreground deletion. Defaults + to false. To set this field, a user needs "delete" + permission of the owner, otherwise 422 (Unprocessable + Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing + controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.Data + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as + cloud-init details scripts. If nil, the Machine should + remain in the Pending state. \n Deprecated: Switch to + DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. If nil, the Machine should remain - in the Pending state. 
- type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller will - attempt to delete the Node that the Machine hosts after the Machine - is marked for deletion. A duration of 0 will retry deletion indefinitely. - Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of time that - the controller will spend on waiting for all volumes to be detached. - The default value is 0, meaning that the volumes can be detached - without any time limitations. - type: string - providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. 
Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will - be interfacing with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - status: - description: MachineStatus defines the observed state of Machine. - properties: - addresses: - description: Addresses is a list of addresses assigned to the machine. - This field is copied from the infrastructure provider reference. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. - type: string - type: - description: Machine address type, one of Hostname, ExternalIP, - InternalIP, ExternalDNS or InternalDNS. - type: string - required: - - address - - type - type: object - type: array - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - certificatesExpiryDate: - description: CertificatesExpiryDate is the expiry date of the machine - certificates. This value is only set for control plane machines. - format: date-time - type: string - conditions: - description: Conditions defines current service state of the Machine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. 
+ This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachineSet. + format: int32 + type: integer failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." type: string failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. 
\n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - lastUpdated: - description: LastUpdated identifies when the phase of the Machine - last transitioned. - format: date-time + description: "In the event that there is a terminal problem reconciling + the replicas, both FailureReason and FailureMessage will be set. + FailureReason will be populated with a succinct value suitable for + machine interpretation, while FailureMessage will contain a more + verbose string suitable for logging and human consumption. \n These + fields should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the MachineTemplate's spec or the configuration of the + machine controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in + the spec, values that are unsupported by the machine controller, + or the responsible machine controller itself being critically misconfigured. 
+ \n Any transient errors that occur during the reconciliation of + Machines can be added as events to the MachineSet object and/or + logged in the controller's output." type: string - nodeInfo: - description: 'NodeInfo is a set of ids/uuids to uniquely identify - the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' - properties: - architecture: - description: The Architecture reported by the node - type: string - bootID: - description: Boot ID reported by the node. - type: string - containerRuntimeVersion: - description: ContainerRuntime Version reported by the node through - runtime remote API (e.g. containerd://1.4.2). - type: string - kernelVersion: - description: Kernel Version reported by the node from 'uname -r' - (e.g. 3.16.0-0.bpo.4-amd64). - type: string - kubeProxyVersion: - description: KubeProxy Version reported by the node. - type: string - kubeletVersion: - description: Kubelet Version reported by the node. - type: string - machineID: - description: 'MachineID reported by the node. For unique machine - identification in the cluster this field is preferred. Learn - more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' - type: string - operatingSystem: - description: The Operating System reported by the node - type: string - osImage: - description: OS Image reported by the node from /etc/os-release - (e.g. Debian GNU/Linux 7 (wheezy)). - type: string - systemUUID: - description: SystemUUID reported by the node. For unique machine - identification MachineID is preferred. This field is specific - to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - type: string - required: - - architecture - - bootID - - containerRuntimeVersion - - kernelVersion - - kubeProxyVersion - - kubeletVersion - - machineID - - operatingSystem - - osImage - - systemUUID - type: object - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. 
- properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic + fullyLabeledReplicas: + description: The number of replicas that have labels matching the + labels of the machine template of the MachineSet. 
+ format: int32 + type: integer observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. + description: ObservedGeneration reflects the generation of the most + recently observed MachineSet. format: int64 type: integer - phase: - description: Phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine + is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' type: string type: object type: object - served: true - storage: true + served: false + storage: false subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machinesets.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: 
MachineSet - listKind: MachineSetList - plural: machinesets - shortNames: - - ms - singular: machineset - scope: Namespaced - versions: - additionalPrinterColumns: - description: Cluster jsonPath: .spec.clusterName @@ -9364,7 +11940,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.0 + image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -9896,7 +12472,7 @@ webhooks: service: name: capi-webhook-service namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddress + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddress failurePolicy: Fail matchPolicy: Equivalent name: validation.ipaddress.ipam.cluster.x-k8s.io @@ -9904,7 +12480,7 @@ webhooks: - apiGroups: - ipam.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE - UPDATE @@ -9919,7 +12495,7 @@ webhooks: service: name: capi-webhook-service namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddressclaim + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddressclaim failurePolicy: Fail matchPolicy: Equivalent name: validation.ipaddressclaim.ipam.cluster.x-k8s.io @@ -9927,7 +12503,7 @@ webhooks: - apiGroups: - ipam.cluster.x-k8s.io apiVersions: - - v1alpha1 + - v1beta1 operations: - CREATE - UPDATE From f8c91ad3a4316a983da2f1c193c55f056f838343 Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Mon, 8 Apr 2024 17:16:16 -0700 Subject: [PATCH 4/6] Enable YAML formatter tool 
Signed-off-by: Victor Morales --- .gitignore | 1 + .yamlfmt | 11 + Makefile | 18 + .../gcp/cc-rootsync/apply-replacements.yaml | 54 +- .../cert-manager/cert-manager.yaml | 56 +- .../app/controller/clusterrole-approval.yaml | 56 +- .../app/controller/clusterrole-bootstrap.yaml | 82 +- .../app/controller/clusterrole-network.yaml | 312 +- .../app/controller/clusterrole-porch.yaml | 118 +- .../controller/clusterrole-repository.yaml | 64 +- .../app/controller/clusterrole-token.yaml | 88 +- .../clusterrolebinding-approval.yaml | 6 +- .../clusterrolebinding-bootstrap.yaml | 6 +- .../clusterrolebinding-controller.yaml | 6 +- .../clusterrolebinding-network.yaml | 6 +- .../controller/clusterrolebinding-porch.yaml | 6 +- .../clusterrolebinding-repository.yaml | 6 +- .../controller/clusterrolebinding-token.yaml | 6 +- .../app/controller/deployment-controller.yaml | 154 +- .../deployment-token-controller.yaml | 150 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../crd/bases/config.nephio.org_networks.yaml | 180 +- .../infra.nephio.org_clustercontexts.yaml | 78 +- .../infra.nephio.org_networkconfigs.yaml | 202 +- .../crd/bases/infra.nephio.org_networks.yaml | 474 +- .../bases/infra.nephio.org_repositories.yaml | 224 +- .../crd/bases/infra.nephio.org_tokens.yaml | 160 +- .../infra.nephio.org_workloadclusters.yaml | 70 +- .../crd/bases/req.nephio.org_capacities.yaml | 86 +- .../req.nephio.org_datanetworknames.yaml | 94 +- .../bases/req.nephio.org_datanetworks.yaml | 256 +- .../crd/bases/req.nephio.org_interfaces.yaml | 290 +- .../workload.nephio.org_amfdeployments.yaml | 536 +- .../workload.nephio.org_smfdeployments.yaml | 536 +- .../workload.nephio.org_upfdeployments.yaml | 536 +- .../nephio-webui/apply-replacements.yaml | 20 +- .../nephio-webui/cluster-role-binding.yaml | 6 +- .../nephio-mgmt/nephio-webui/deployment.yaml | 68 +- .../nephio-webui/gen-configmap.yaml | 110 +- .../gcp/nephio-mgmt/nephio-webui/ingress.yaml | 26 +- 
.../app/controller/clusterrole-network.yaml | 48 +- .../app/controller/clusterrole-target.yaml | 64 +- .../clusterrolebinding-controller.yaml | 6 +- .../clusterrolebinding-network.yaml | 6 +- .../controller/clusterrolebinding-target.yaml | 6 +- .../app/controller/deployment-controller.yaml | 146 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../porch/0-fleetmembershipbindings.yaml | 105 +- .../nephio-mgmt/porch/0-fleetmemberships.yaml | 85 +- .../gcp/nephio-mgmt/porch/0-fleetscopes.yaml | 81 +- .../gcp/nephio-mgmt/porch/0-fleetsyncs.yaml | 178 +- .../gcp/nephio-mgmt/porch/0-packagerevs.yaml | 48 +- .../nephio-mgmt/porch/0-packagevariants.yaml | 558 +- .../porch/0-packagevariantsets.yaml | 1286 +- .../gcp/nephio-mgmt/porch/0-repositories.yaml | 446 +- .../gcp/nephio-mgmt/porch/7-auth-reader.yaml | 6 +- .../nephio-mgmt/porch/8-auth-delegator.yaml | 6 +- .../gcp/nephio-mgmt/porch/9-controllers.yaml | 24 +- .../porch/9-porch-controller-clusterrole.yaml | 38 +- ...rch-controller-fleetsyncs-clusterrole.yaml | 119 +- ...troller-fleetsyncs-clusterrolebinding.yaml | 6 +- ...ontroller-packagevariants-clusterrole.yaml | 100 +- ...er-packagevariants-clusterrolebinding.yaml | 6 +- ...roller-packagevariantsets-clusterrole.yaml | 88 +- ...packagevariantsets-clusterrolebinding.yaml | 6 +- .../nephio-mgmt/porch/apply-replacements.yaml | 54 +- distros/gcp/nephio-mgmt/porch/fleetsync.yaml | 2 +- .../controller/clusterrole-controller.yaml | 158 +- .../clusterrolebinding-controller.yaml | 6 +- .../app/controller/deployment-controller.yaml | 170 +- .../app/controller/grpc/service-grpc.yaml | 8 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../crd/bases/inv.nephio.org_endpoints.yaml | 234 +- .../crd/bases/inv.nephio.org_links.yaml | 246 +- .../crd/bases/inv.nephio.org_nodes.yaml | 224 +- .../crd/bases/inv.nephio.org_targets.yaml | 250 +- .../ipam.resource.nephio.org_ipclaims.yaml | 
392 +- .../ipam.resource.nephio.org_ipprefixes.yaml | 276 +- ....resource.nephio.org_networkinstances.yaml | 266 +- .../bases/topo.nephio.org_rawtopologies.yaml | 416 +- .../vlan.resource.nephio.org_vlanclaims.yaml | 312 +- .../vlan.resource.nephio.org_vlanindices.yaml | 170 +- .../bases/vlan.resource.nephio.org_vlans.yaml | 248 +- .../sandbox/cert-manager/cert-manager.yaml | 152 +- distros/sandbox/gitea/secret-postgresql.yaml | 24 +- distros/sandbox/gitea/service-gitea.yaml | 14 +- .../metallb-sandbox-config/ipaddresspool.yaml | 2 +- distros/sandbox/metallb/metallb-native.yaml | 3062 ++- distros/sandbox/network/vpc-cu-e1.yaml | 38 +- distros/sandbox/network/vpc-cudu-f1.yaml | 38 +- distros/sandbox/network/vpc-internal.yaml | 30 +- distros/sandbox/network/vpc-internet.yaml | 42 +- distros/sandbox/network/vpc-ran.yaml | 50 +- .../cluster-api-infrastructure-docker.yaml | 4349 ++-- .../cluster_class.yaml | 426 +- ...docker_machine_template_control_plane.yaml | 8 +- .../docker_machine_template_worker.yaml | 8 +- .../kubeadm_controlplane_template.yaml | 8 +- .../cluster-capi-kind/apply-replacements.yaml | 18 +- infra/capi/cluster-capi-kind/cluster.yaml | 34 +- .../cluster-capi/cluster-api-bootstrap.yaml | 9912 ++++---- .../cluster-api-control-plane.yaml | 10220 ++++---- infra/capi/cluster-capi/cluster-api-core.yaml | 19620 +++++++--------- infra/capi/kindnet/clusterrole.yaml | 4 +- infra/capi/kindnet/clusterrolebinding.yaml | 6 +- infra/capi/kindnet/daemonset.yaml | 104 +- infra/capi/kindnet/serviceaccount.yaml | 2 +- .../local-path-provisioner/clusterrole.yaml | 24 +- infra/capi/multus/multus-daemonset-thick.yml | 20 +- .../apply-replacements.yaml | 46 +- .../nephio-workload-cluster/pv-cluster.yaml | 10 +- .../pv-configsync.yaml | 6 +- .../capi/nephio-workload-cluster/pv-crds.yaml | 6 +- .../nephio-workload-cluster/pv-kindnet.yaml | 6 +- .../pv-local-path-provisioner.yaml | 6 +- .../nephio-workload-cluster/pv-metallb.yaml | 6 +- 
.../nephio-workload-cluster/pv-multus.yaml | 6 +- .../capi/nephio-workload-cluster/pv-repo.yaml | 10 +- .../nephio-workload-cluster/pv-rootsync.yaml | 10 +- .../nephio-workload-cluster/pv-vlanindex.yaml | 10 +- .../workload-cluster.yaml | 6 +- .../apply-replacements.yaml | 54 +- infra/gcp/cc-repo-csr/apply-replacements.yaml | 54 +- .../apply-replacements.yaml | 64 +- infra/gcp/nephio-blueprint-repo/pv-repo.yaml | 4 +- .../apply-replacements.yaml | 104 +- .../pv-cluster.yaml | 10 +- .../config-management-operator.yaml | 510 +- nephio/core/configsync/rootsync-crd.yaml | 2334 +- .../app/controller/clusterrole-approval.yaml | 56 +- .../app/controller/clusterrole-bootstrap.yaml | 82 +- .../app/controller/clusterrole-network.yaml | 312 +- .../app/controller/clusterrole-porch.yaml | 118 +- .../controller/clusterrole-repository.yaml | 64 +- .../app/controller/clusterrole-token.yaml | 88 +- .../clusterrolebinding-approval.yaml | 6 +- .../clusterrolebinding-bootstrap.yaml | 6 +- .../clusterrolebinding-controller.yaml | 6 +- .../clusterrolebinding-network.yaml | 6 +- .../controller/clusterrolebinding-porch.yaml | 6 +- .../clusterrolebinding-repository.yaml | 6 +- .../controller/clusterrolebinding-token.yaml | 6 +- .../app/controller/deployment-controller.yaml | 174 +- .../deployment-token-controller.yaml | 150 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../crd/bases/config.nephio.org_networks.yaml | 207 +- .../infra.nephio.org_clustercontexts.yaml | 84 +- .../infra.nephio.org_networkconfigs.yaml | 225 +- .../crd/bases/infra.nephio.org_networks.yaml | 548 +- .../bases/infra.nephio.org_repositories.yaml | 250 +- .../crd/bases/infra.nephio.org_tokens.yaml | 185 +- .../infra.nephio.org_workloadclusters.yaml | 76 +- .../crd/bases/req.nephio.org_capacities.yaml | 96 +- .../req.nephio.org_datanetworknames.yaml | 104 +- .../bases/req.nephio.org_datanetworks.yaml | 300 +- .../crd/bases/req.nephio.org_interfaces.yaml | 365 +- 
.../workload.nephio.org_amfdeployments.yaml | 639 +- .../workload.nephio.org_smfdeployments.yaml | 639 +- .../workload.nephio.org_upfdeployments.yaml | 639 +- nephio/core/porch/0-packagerevs.yaml | 48 +- nephio/core/porch/0-packagevariants.yaml | 558 +- nephio/core/porch/0-packagevariantsets.yaml | 1286 +- nephio/core/porch/0-repositories.yaml | 446 +- nephio/core/porch/7-auth-reader.yaml | 6 +- nephio/core/porch/8-auth-delegator.yaml | 6 +- .../porch/9-porch-controller-clusterrole.yaml | 38 +- ...ontroller-packagevariants-clusterrole.yaml | 100 +- ...er-packagevariants-clusterrolebinding.yaml | 6 +- ...roller-packagevariantsets-clusterrole.yaml | 88 +- ...packagevariantsets-clusterrolebinding.yaml | 6 +- .../core/workload-crds/package-context.yaml | 2 +- .../workload-crds/ref.nephio.org_configs.yaml | 53 +- .../workload.nephio.org_nfconfigs.yaml | 61 +- .../workload.nephio.org_nfdeployments.yaml | 587 +- .../flux-helm-controllers/clusterrole.yaml | 132 +- .../clusterrolebinding.yaml | 6 +- .../flux-helm-controllers/deployment.yaml | 204 +- .../flux-helm-controllers/flux-crds.yaml | 6507 +++-- .../flux-helm-controllers/service.yaml | 8 +- .../app/controller/clusterrole-network.yaml | 48 +- .../app/controller/clusterrole-target.yaml | 64 +- .../clusterrolebinding-controller.yaml | 6 +- .../clusterrolebinding-network.yaml | 6 +- .../controller/clusterrolebinding-target.yaml | 6 +- .../app/controller/deployment-controller.yaml | 146 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../controller/clusterrole-controller.yaml | 158 +- .../clusterrolebinding-controller.yaml | 6 +- .../app/controller/deployment-controller.yaml | 170 +- .../app/controller/grpc/service-grpc.yaml | 8 +- .../app/controller/role-leader-election.yaml | 62 +- .../rolebinding-leader-election.yaml | 6 +- .../crd/bases/inv.nephio.org_endpoints.yaml | 234 +- .../crd/bases/inv.nephio.org_links.yaml | 246 +- .../crd/bases/inv.nephio.org_nodes.yaml | 
224 +- .../crd/bases/inv.nephio.org_targets.yaml | 250 +- .../ipam.resource.nephio.org_ipclaims.yaml | 392 +- .../ipam.resource.nephio.org_ipprefixes.yaml | 276 +- ....resource.nephio.org_networkinstances.yaml | 266 +- .../bases/topo.nephio.org_rawtopologies.yaml | 416 +- .../vlan.resource.nephio.org_vlanclaims.yaml | 312 +- .../vlan.resource.nephio.org_vlanindices.yaml | 170 +- .../bases/vlan.resource.nephio.org_vlans.yaml | 248 +- nephio/optional/rootsync/rootsync.yaml | 2 +- .../optional/webui/cluster-role-binding.yaml | 6 +- nephio/optional/webui/deployment.yaml | 48 +- nephio/optional/webui/gen-configmap.yaml | 106 +- update_packages.sh | 2 + .../free5gc-cp/ausf/ausf-configmap.yaml | 5 +- .../free5gc-cp/ausf/ausf-deployment.yaml | 56 +- .../free5gc/free5gc-cp/ausf/ausf-service.yaml | 1 - .../free5gc/free5gc-cp/mongodb/dep-sts.yaml | 7 +- .../free5gc-cp/mongodb/serviceaccount.yaml | 1 - workloads/free5gc/free5gc-cp/mongodb/svc.yaml | 1 - .../free5gc/free5gc-cp/nrf/nrf-configmap.yaml | 3 +- .../free5gc-cp/nrf/nrf-deployment.yaml | 94 +- .../free5gc/free5gc-cp/nrf/nrf-service.yaml | 1 - .../free5gc-cp/nssf/nssf-configmap.yaml | 336 +- .../free5gc-cp/nssf/nssf-deployment.yaml | 54 +- .../free5gc/free5gc-cp/nssf/nssf-service.yaml | 1 - .../free5gc/free5gc-cp/pcf/pcf-configmap.yaml | 5 +- .../free5gc-cp/pcf/pcf-deployment.yaml | 51 +- .../free5gc/free5gc-cp/pcf/pcf-service.yaml | 1 - .../free5gc/free5gc-cp/udm/udm-configmap.yaml | 5 +- .../free5gc-cp/udm/udm-deployment.yaml | 51 +- .../free5gc/free5gc-cp/udm/udm-service.yaml | 1 - .../free5gc/free5gc-cp/udr/udr-configmap.yaml | 36 +- .../free5gc-cp/udr/udr-deployment.yaml | 55 +- .../free5gc/free5gc-cp/udr/udr-service.yaml | 1 - .../free5gc-cp/webui/webui-configmap.yaml | 3 +- .../free5gc-cp/webui/webui-deployment.yaml | 87 +- .../free5gc-cp/webui/webui-service.yaml | 1 - .../operator/clusterrole.yaml | 208 +- .../operator/clusterrolebinding.yaml | 6 +- .../free5gc-operator/operator/deployment.yaml | 110 +- 
.../operator/role-leader-election.yaml | 62 +- .../operator/rolebinding-leader-election.yaml | 4 +- .../pkg-example-amf-bp/amfdeployment.yaml | 2 +- .../apply-replacements-namespace.yaml | 42 +- .../apply-replacements-owner.yaml | 80 +- .../pkg-example-amf-bp/dependency.yaml | 8 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- .../pkg-example-amf-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-amf-bp/workload-cluster.yaml | 2 +- .../apply-replacements-namespace.yaml | 42 +- .../apply-replacements-owner.yaml | 80 +- .../pkg-example-smf-bp/dependency.yaml | 8 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- .../pkg-example-smf-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-smf-bp/workload-cluster.yaml | 2 +- .../apply-replacements-namespace.yaml | 34 +- .../apply-replacements-owner.yaml | 66 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- .../pkg-example-upf-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-upf-bp/upfdeployment.yaml | 2 +- .../pkg-example-upf-bp/workload-cluster.yaml | 2 +- .../operator/clusterrole.yaml | 208 +- .../oai-ran-operator/operator/deployment.yaml | 28 +- workloads/oai/package-variants/oai-cucp.yaml | 2 +- workloads/oai/package-variants/oai-cuup.yaml | 2 +- workloads/oai/package-variants/oai-du.yaml | 2 +- .../package-variants/oai-ran-operator.yaml | 12 +- workloads/oai/package-variants/oai-ue.yaml | 2 +- .../apply-replacements-namespace.yaml | 56 +- .../apply-replacements-owner.yaml | 52 +- .../pkg-example-cucp-bp/config_ran_nf.yaml | 70 +- .../pkg-example-cucp-bp/cucpdeployment.yaml | 8 +- .../pkg-example-cucp-bp/dependency_amf.yaml | 4 +- .../oai/pkg-example-cucp-bp/interface-e1.yaml | 2 +- .../pkg-example-cucp-bp/interface-f1c.yaml | 2 +- .../oai/pkg-example-cucp-bp/interface-n2.yaml | 2 +- .../network_vpc-cu-e1.yaml | 38 +- .../network_vpc-cudu-f1.yaml | 38 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- 
.../pkg-example-cucp-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-cucp-bp/workload-cluster.yaml | 2 +- .../apply-replacements-namespace.yaml | 56 +- .../apply-replacements-owner.yaml | 52 +- .../pkg-example-cuup-bp/config_ran_nf.yaml | 70 +- .../pkg-example-cuup-bp/cuupdeployment.yaml | 4 +- .../pkg-example-cuup-bp/dependency_cucp.yaml | 4 +- .../oai/pkg-example-cuup-bp/interface-e1.yaml | 2 +- .../pkg-example-cuup-bp/interface-f1u.yaml | 2 +- .../oai/pkg-example-cuup-bp/interface-n3.yaml | 2 +- .../network_vpc-cu-e1.yaml | 38 +- .../network_vpc-cudu-f1.yaml | 38 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- .../pkg-example-cuup-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-cuup-bp/workload-cluster.yaml | 2 +- .../apply-replacements-namespace.yaml | 56 +- .../apply-replacements-owner.yaml | 52 +- .../oai/pkg-example-du-bp/config_ran_nf.yaml | 70 +- .../pkg-example-du-bp/dependency_cucp.yaml | 4 +- .../oai/pkg-example-du-bp/dudeployment.yaml | 4 +- .../oai/pkg-example-du-bp/interface-f1.yaml | 2 +- .../pkg-example-du-bp/network_vpc-cu-e1.yaml | 38 +- .../network_vpc-cudu-f1.yaml | 38 +- .../network_vpc-internal.yaml | 30 +- .../network_vpc-internet.yaml | 42 +- .../pkg-example-du-bp/network_vpc-ran.yaml | 50 +- .../pkg-example-du-bp/workload-cluster.yaml | 2 +- .../oai/pkg-example-ue-bp/oai-ue/sa.yaml | 2 +- .../oai-ue/uedeployment.yaml | 104 +- .../apply-replacements-namespace.yaml | 26 +- .../ueransim/apply-replacements-owner.yaml | 54 +- .../tools/ueransim/gnb/gnb-deployment.yaml | 44 +- .../tools/ueransim/network_vpc-internal.yaml | 30 +- .../tools/ueransim/network_vpc-internet.yaml | 42 +- workloads/tools/ueransim/network_vpc-ran.yaml | 50 +- workloads/tools/ueransim/ue/ue-configmap.yaml | 2 +- .../tools/ueransim/ue/ue-deployment.yaml | 40 +- .../tools/ueransim/workload-cluster.yaml | 2 +- 322 files changed, 38222 insertions(+), 48933 deletions(-) create mode 100644 .yamlfmt create mode 100644 Makefile 
diff --git a/.gitignore b/.gitignore index e660fd9..b8f6436 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ bin/ +yamlfmt diff --git a/.yamlfmt b/.yamlfmt new file mode 100644 index 0000000..ca3483e --- /dev/null +++ b/.yamlfmt @@ -0,0 +1,11 @@ +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2024 The Nephio Authors. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## +formatter: + type: basic + retain_line_breaks: true diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7be8a6b --- /dev/null +++ b/Makefile @@ -0,0 +1,18 @@ +# SPDX-license-identifier: Apache-2.0 +############################################################################## +# Copyright (c) 2024 The Nephio Authors. +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +############################################################################## + +DOCKER_CMD ?= $(shell which docker 2> /dev/null || which podman 2> /dev/null || echo docker) + +.PHONY: fmt +fmt: + sudo -E $(DOCKER_CMD) run --rm -u "$$(id -u):$$(id -g)" \ + -v "$$(pwd):/mnt" \ + -w /mnt mvdan/shfmt -l -w -i 4 -s . + [ -f yamlfmt ] || curl -s "https://i.jpillora.com/google/yamlfmt" | bash + ./yamlfmt -dstar **/*.{yaml,yml} diff --git a/distros/gcp/cc-rootsync/apply-replacements.yaml b/distros/gcp/cc-rootsync/apply-replacements.yaml index dce6444..9c53998 100644 --- a/distros/gcp/cc-rootsync/apply-replacements.yaml +++ b/distros/gcp/cc-rootsync/apply-replacements.yaml 
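Review bot: The `fmt` recipe in the new Makefile runs `curl -s "https://i.jpillora.com/google/yamlfmt" | bash`, so any machine without a local `yamlfmt` executes whatever that third-party installer endpoint serves at that moment, with no version pin and no integrity check. I would replace it with a pinned, verifiable install, for example `GOBIN="$$(pwd)" go install github.com/google/yamlfmt/cmd/yamlfmt@<PINNED_VERSION>` where a Go toolchain is available, or a download of one specific release archive followed by `sha256sum -c` against a checksum committed in the repository. The same recipe runs the `mvdan/shfmt` image by mutable tag under `sudo -E`; referencing it as `mvdan/shfmt@sha256:<PINNED_DIGEST>` keeps the tool that rewrites the tree reproducible. Separately, `**/*.{yaml,yml}` relies on bash brace expansion and globstar, and the file sets no `SHELL`, so under make's default `/bin/sh` the pattern probably does not match as intended.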
@@ -5,33 +5,33 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.name -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.project-id - targets: - - select: + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.name + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.project-id -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.location - targets: - - select: + name: gcp-context + fieldPath: data.project-id + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.project-id + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.location + name: gcp-context + fieldPath: data.location + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.location diff --git a/distros/gcp/nephio-mgmt/cert-manager/cert-manager.yaml b/distros/gcp/nephio-mgmt/cert-manager/cert-manager.yaml index fd82e10..060c01f 100644 --- a/distros/gcp/nephio-mgmt/cert-manager/cert-manager.yaml +++ b/distros/gcp/nephio-mgmt/cert-manager/cert-manager.yaml @@ -4951,9 +4951,9 @@ metadata: # kpt-merge: /cert-manager-webhook:subjectaccessreviews annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|cert-manager-webhook:subjectaccessreviews' rules: -- apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] --- # Source: cert-manager/templates/cainjector-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 
@@ -5171,10 +5171,10 @@ roleRef: kind: ClusterRole name: cert-manager-webhook:subjectaccessreviews subjects: -- apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook - namespace: cert-manager + - apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager --- # Source: cert-manager/templates/cainjector-rbac.yaml # leader election rules @@ -5243,15 +5243,15 @@ metadata: # kpt-merge: cert-manager/cert-manager-webhook:dynamic-serving annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|Role|cert-manager|cert-manager-webhook:dynamic-serving' rules: -- apiGroups: [""] - resources: ["secrets"] - resourceNames: - - 'cert-manager-webhook-ca' - verbs: ["get", "list", "watch", "update"] -# It's not possible to grant CREATE permission on a single resourceName. -- apiGroups: [""] - resources: ["secrets"] - verbs: ["create"] + - apiGroups: [""] + resources: ["secrets"] + resourceNames: + - 'cert-manager-webhook-ca' + verbs: ["get", "list", "watch", "update"] + # It's not possible to grant CREATE permission on a single resourceName. + - apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] --- # Source: cert-manager/templates/cainjector-rbac.yaml # grant cert-manager permission to manage the leaderelection configmap in the @@ -5323,10 +5323,10 @@ roleRef: kind: Role name: cert-manager-webhook:dynamic-serving subjects: -- apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook - namespace: cert-manager + - apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager --- # Source: cert-manager/templates/service.yaml apiVersion: v1 
@@ -5345,10 +5345,10 @@ metadata: # kpt-merge: cert-manager/cert-manager spec: type: ClusterIP ports: - - protocol: TCP - port: 9402 - name: tcp-prometheus-servicemonitor - targetPort: 9402 + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: 9402 selector: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager @@ -5371,10 +5371,10 @@ metadata: # kpt-merge: cert-manager/cert-manager-webhook spec: type: ClusterIP ports: - - name: https - port: 443 - protocol: TCP - targetPort: "https" + - name: https + port: 443 + protocol: TCP + targetPort: "https" selector: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-approval.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-approval.yaml index bd600dd..59c4e9b 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-approval.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-approval.yaml 
@@ -13,31 +13,31 @@ metadata: # kpt-merge: /nephio-controller-approval-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-approval-role' rules: -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisions - - packagerevisions/status - - packagerevisions/approval - verbs: - - get - - list - - watch - - patch - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - - packagevariants/status - verbs: - - get - - list - - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisions + - packagerevisions/status + - packagerevisions/approval + verbs: + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + - packagevariants/status + verbs: + - get + - list + - watch diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-bootstrap.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-bootstrap.yaml index 5388e6f..cbe9987 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-bootstrap.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-bootstrap.yaml 
@@ -13,44 +13,44 @@ metadata: # kpt-merge: /nephio-controller-bootstrap-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-bootstrap-role' rules: -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - verbs: - - get - - list - - watch -- apiGroups: - - '*' - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - - packagerevisions - verbs: - - get - - list - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - repositories - verbs: - - get - - list - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources/status - - packagerevisions/status - - packagerevisions/approval - verbs: - - get + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + verbs: + - get + - list + - watch + - apiGroups: + - '*' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + - packagerevisions + verbs: + - get + - list + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - repositories + verbs: + - get + - list + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources/status + - packagerevisions/status + - packagerevisions/approval + verbs: + - get diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-network.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-network.yaml index da2c0dc..9467d69 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-network.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-network.yaml 
@@ -13,159 +13,159 @@ metadata: # kpt-merge: /nephio-controller-network-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-network-role' rules: -- apiGroups: - - inv.nephio.org - resources: - - links - - nodes - - endpoints - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - links/status - - nodes/status - - endpoints/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - networkinstances - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - networkinstances/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanindices - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanindices/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - - 
networks/status - - repositories - - repositories/status - - tokens - - tokens/status - - workloadclusters - - workloadclusters/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - inv.nephio.org + resources: + - links + - nodes + - endpoints + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - links/status + - nodes/status + - endpoints/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - networkinstances + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - networkinstances/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - vlan.resource.nephio.org + resources: + - vlanindices + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - vlan.resource.nephio.org + resources: + - vlanindices/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + - 
networks/status + - repositories + - repositories/status + - tokens + - tokens/status + - workloadclusters + - workloadclusters/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-porch.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-porch.yaml index 612a74f..0c467ea 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-porch.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-porch.yaml 
@@ -13,62 +13,62 @@ metadata: # kpt-merge: /nephio-controller-porch-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-porch-role' rules: -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - - packagerevisions - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources/status - - packagerevisions/status - - packagerevisions/approval - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - - networks/status - - repositories - - repositories/status - - tokens - - tokens/status - - workloadclusters - - workloadclusters/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + - packagerevisions + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources/status + - packagerevisions/status + - packagerevisions/approval + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + - networks/status + - repositories + - repositories/status + - tokens + - tokens/status + - workloadclusters + - workloadclusters/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-repository.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-repository.yaml index 829a937..5df4fcc 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-repository.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-repository.yaml @@ -13,35 +13,35 @@ metadata: # kpt-merge: /nephio-controller-repository-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-repository-role' rules: -- apiGroups: - - '*' - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - infra.nephio.org - resources: - - repositories - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - repositories/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - infra.nephio.org + resources: + - repositories + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - repositories/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-token.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-token.yaml index 3c48300..2107065 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-token.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrole-token.yaml 
@@ -13,47 +13,47 @@ metadata: # kpt-merge: /nephio-controller-token-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|nephio-controller-token-role' rules: -- apiGroups: - - '*' - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - infra.nephio.org - resources: - - tokens - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - tokens/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - infra.nephio.org + resources: + - tokens + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - tokens/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-approval.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-approval.yaml index 90d5d03..ed7a87e 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-approval.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-approval.yaml @@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-approval-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-bootstrap.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-bootstrap.yaml index fa33cee..c05cf89 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-bootstrap.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-bootstrap.yaml @@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-bootstrap-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-controller.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-controller.yaml index 23799a7..ed9f64e 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-controller.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-controller.yaml @@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-controller-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-network.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-network.yaml index 63d5369..293a745 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-network.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-network.yaml 
@@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-network-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-porch.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-porch.yaml index d392105..d612ac7 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-porch.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-porch.yaml @@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-porch-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-repository.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-repository.yaml index 51d040d..a94a9c7 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-repository.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-repository.yaml @@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-repository-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-token.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-token.yaml index 6150e97..3ed3acd 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-token.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/clusterrolebinding-token.yaml 
@@ -17,6 +17,6 @@ roleRef: kind: ClusterRole name: nephio-controller-token-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-controller.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-controller.yaml index 4dcb539..ae4cb21 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-controller.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-controller.yaml 
@@ -27,82 +27,82 @@ spec: namespace: nephio-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: ENABLE_APPROVAL - value: "true" - - name: ENABLE_GENERICSPECIALIZER - value: "true" - - name: ENABLE_NETWORKS - value: "true" - - name: CLIENT_PROXY_ADDRESS - value: resource-backend-controller-grpc-svc.backend-system.svc.cluster.local:9999 - image: docker.io/nephio/nephio-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + 
- /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: ENABLE_APPROVAL + value: "true" + - name: ENABLE_GENERICSPECIALIZER + value: "true" + - name: ENABLE_NETWORKS + value: "true" + - name: CLIENT_PROXY_ADDRESS + value: resource-backend-controller-grpc-svc.backend-system.svc.cluster.local:9999 + image: docker.io/nephio/nephio-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: nephio-controller status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-token-controller.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-token-controller.yaml index f7810d9..2875512 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-token-controller.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/deployment-token-controller.yaml 
@@ -27,80 +27,80 @@ spec: namespace: nephio-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: GIT_URL - value: http://172.18.0.200:3000 - - name: GIT_NAMESPACE - value: gitea - - name: ENABLE_TOKENS - value: "true" - image: docker.io/nephio/nephio-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - 
name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: GIT_URL + value: http://172.18.0.200:3000 + - name: GIT_NAMESPACE + value: gitea + - name: ENABLE_TOKENS + value: "true" + image: docker.io/nephio/nephio-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: nephio-controller status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/role-leader-election.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/role-leader-election.yaml index e72fb90..da9fa08 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/role-leader-election.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/role-leader-election.yaml 
@@ -14,34 +14,34 @@ metadata: # kpt-merge: nephio-system/nephio-controller-leader-election-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|Role|nephio-system|nephio-controller-leader-election-role' rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/rolebinding-leader-election.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/rolebinding-leader-election.yaml index 4c82e1a..9ee9a58 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/rolebinding-leader-election.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/app/controller/rolebinding-leader-election.yaml @@ -18,6 +18,6 @@ roleRef: kind: Role name: nephio-controller-leader-election-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/config.nephio.org_networks.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/config.nephio.org_networks.yaml index 977c0eb..7d21f6c 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/config.nephio.org_networks.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/config.nephio.org_networks.yaml 
@@ -10,103 +10,103 @@ spec: group: config.nephio.org names: categories: - - nephio - - config + - nephio + - config kind: Network listKind: NetworkList plural: networks singular: network scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Network is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkSpec defines the desired state of Network Configuration - properties: - config: - description: Config defines the configuration to be applied to a target device - type: object - x-kubernetes-preserve-unknown-fields: true - lifecycle: - description: Lifecycle determines the lifecycle policies the resource e.g. delete is orphan or delete will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. - enum: - - delete - - orphan - type: string - type: object - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Network is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkSpec defines the desired state of Network Configuration + properties: + config: + description: Config defines the configuration to be applied to a target device + type: object + x-kubernetes-preserve-unknown-fields: true + lifecycle: + description: Lifecycle determines the lifecycle policies the resource e.g. delete is orphan or delete will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - lastAppliedConfig: - description: LastAppliedConfig defines the configuration that was last applied to the target device - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAppliedConfig: + description: LastAppliedConfig defines the configuration that was last applied to the target device + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_clustercontexts.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_clustercontexts.yaml index a46fb6e..2900c6b 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_clustercontexts.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_clustercontexts.yaml 
@@ -15,42 +15,42 @@ spec: singular: clustercontext scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClusterContext is the Schema for the clustercontexts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterContextSpec defines the desired state of ClusterContext - properties: - cniConfig: - description: CNIConfig contains the details of CNI configuration for this cluster - properties: - cniType: - type: string - masterInterface: - type: string - required: - - cniType - - masterInterface - type: object - siteCode: - description: SiteCode identifies this cluster's location - type: string - type: object - status: - description: ClusterContextStatus defines the observed state of ClusterContext - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterContext is the Schema for the clustercontexts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterContextSpec defines the desired state of ClusterContext + properties: + cniConfig: + description: CNIConfig contains the details of CNI configuration for this cluster + properties: + cniType: + type: string + masterInterface: + type: string + required: + - cniType + - masterInterface + type: object + siteCode: + description: SiteCode identifies this cluster's location + type: string + type: object + status: + description: ClusterContextStatus defines the observed state of ClusterContext + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networkconfigs.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networkconfigs.yaml index b6af240..9e1e500 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networkconfigs.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networkconfigs.yaml 
@@ -10,113 +10,113 @@ spec: group: infra.nephio.org names: categories: - - nephio - - network + - nephio + - network kind: NetworkConfig listKind: NetworkConfigList plural: networkconfigs singular: networkconfig scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: NetworkConfig is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkConfigSpec defines the desired state of NetworkConfig - properties: - prefixLengths: - description: PrefixLengths define the prefix lengths for ipv4 and ipv6 configuration elements - properties: - ipv4: - description: IPv4 defines the ipv4 prefixlengths - properties: - interfaceExternal: - default: 24 - type: integer - interfaceInternal: - default: 31 - type: integer - pool: - default: 16 - type: integer - type: object - ipv6: - description: IPv6 defines the ipv6 prefixlengths + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkConfig is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkConfigSpec defines the desired state of NetworkConfig + properties: + prefixLengths: + description: PrefixLengths define the prefix lengths for ipv4 and ipv6 configuration elements + properties: + ipv4: + description: IPv4 defines the ipv4 prefixlengths + properties: + interfaceExternal: + default: 24 + type: integer + interfaceInternal: + default: 31 + type: integer + pool: + default: 16 + type: integer + type: object + ipv6: + description: IPv6 defines the ipv6 prefixlengths + properties: + interfaceExternal: + default: 64 + type: integer + interfaceInternal: + default: 127 + type: integer + pool: + default: 48 + type: integer + type: object + type: object + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: properties: - interfaceExternal: - default: 64 - type: integer - interfaceInternal: - default: 127 - type: integer - pool: - default: 48 + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - type: object - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: {} + type: array + type: object + type: object + served: true + storage: true + subresources: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networks.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networks.yaml index 9e727e0..c4fcd7a 100644 
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networks.yaml
+++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_networks.yaml
@@ -10,251 +10,251 @@ spec: group: infra.nephio.org names: categories: - - nephio - - network + - nephio + - network kind: Network listKind: NetworkList plural: networks singular: network scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Network is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkSpec defines the desired state of Network - properties: - bridgeDomains: - description: BridgeDomains define a set of logical ports that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices. 
- items: - properties: - interfaces: - description: Interfaces defines the interfaces belonging to the bridge domain - items: - properties: - attachmentType: - description: 'AttachmentType defines the interface attachement: vlan or none' - enum: - - none - - vlan - type: string - bridgeDomainName: - description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface - type: string - interfaceName: - description: InterfaceName defines the name of the interface - type: string - kind: - default: interface - description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. In a BridgeDomain only regular interfaces are allowed - enum: - - interface - - bridgedomain - type: string - nodeName: - description: NodeName defines the name of the node the interface belongs to interface - type: string - selector: - description: Selector defines the selector criterias for the interface selection - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Network is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkSpec defines the desired state of Network + properties: + bridgeDomains: + description: BridgeDomains define a set of logical ports that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices. + items: + properties: + interfaces: + description: Interfaces defines the interfaces belonging to the bridge domain + items: + properties: + attachmentType: + description: 'AttachmentType defines the interface attachement: vlan or none' + enum: + - none + - vlan + type: string + bridgeDomainName: + description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface + type: string + interfaceName: + description: InterfaceName defines the name of the interface + type: string + kind: + default: interface + description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. 
In a BridgeDomain only regular interfaces are allowed + enum: + - interface + - bridgedomain + type: string + nodeName: + description: NodeName defines the name of the node the interface belongs to interface + type: string + selector: + description: Selector defines the selector criterias for the interface selection + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - type: object - type: array - name: - description: Name defines the name of the bridge domain - type: string - required: - - name - type: object - type: array - routingTables: - description: RoutingTables defines a set of routes belonging to a given routing instance Multiple routing tables are also called virtual routing instances. Each virtual routing instance can hold overlapping IP information A routing table supports both ipv4 and ipv6 - items: - properties: - interfaces: - description: Interfaces defines the interfaces belonging to the routing table - items: - properties: - attachmentType: - description: 'AttachmentType defines the interface attachement: vlan or none' - enum: - - none - - vlan - type: string - bridgeDomainName: - description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface - type: string - interfaceName: - description: InterfaceName defines the name of the interface - type: string - kind: - default: interface - description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. In a BridgeDomain only regular interfaces are allowed - enum: - - interface - - bridgedomain - type: string - nodeName: - description: NodeName defines the name of the node the interface belongs to interface - type: string - selector: - description: Selector defines the selector criterias for the interface selection - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. 
Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: object + x-kubernetes-map-type: atomic + required: + - kind + type: object + type: array + name: + description: Name defines the name of the bridge domain + type: string + required: + - name + type: object + type: array + routingTables: + description: RoutingTables defines a set of routes belonging to a given routing instance Multiple routing tables are also called virtual routing instances. Each virtual routing instance can hold overlapping IP information A routing table supports both ipv4 and ipv6 + items: + properties: + interfaces: + description: Interfaces defines the interfaces belonging to the routing table + items: + properties: + attachmentType: + description: 'AttachmentType defines the interface attachement: vlan or none' + enum: + - none + - vlan + type: string + bridgeDomainName: + description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface + type: string + interfaceName: + description: InterfaceName defines the name of the interface + type: string + kind: + default: interface + description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. In a BridgeDomain only regular interfaces are allowed + enum: + - interface + - bridgedomain + type: string + nodeName: + description: NodeName defines the name of the node the interface belongs to interface + type: string + selector: + description: Selector defines the selector criterias for the interface selection + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - type: object - type: array - name: - description: Name defines the name of the routing table - type: string - prefixes: - description: Prefixes defines the prefixes belonging to the routing table - items: - properties: - labels: - additionalProperties: + type: object + x-kubernetes-map-type: atomic + required: + - kind + type: object + type: array + name: + description: Name defines the name of the routing table + type: string + prefixes: + description: Prefixes defines the prefixes belonging to the routing table + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. 
- pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - required: - - name - - prefixes - type: object - type: array - topology: - description: Topology defines the topology to which this network applies - type: string - required: - - topology - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
- maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - prefix + type: object + type: array + required: + - name + - prefixes + type: object + type: array + topology: + description: Topology defines the topology to which this network applies + type: string + required: + - topology + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_repositories.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_repositories.yaml index 457fbe8..9600997 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_repositories.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_repositories.yaml 
@@ -15,119 +15,119 @@ spec: singular: repository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Repository is the Schema for the repository API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RepositorySpec defines the desired state of Repository - properties: - defaultBranch: - description: DefaultBranch of the repository (used when initializes and in template) - type: string - description: - description: Description of the repository to create - type: string - gitignores: - description: Gitignores defines the Gitignores of the repository - type: string - issueLabels: - description: IssueLabels defines the Issue Label set to use - type: string - license: - description: License to use - type: string - lifecycle: - description: Lifecycle determines the deletion lifecycle policies the resource will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. 
- enum: - - delete - - orphan - type: string - type: object - private: - description: Private defines whether the repository is private - type: boolean - readme: - description: Readme of the repository to create - type: string - trustModel: - description: TrustModel of the repository - enum: - - default - - collaborator - - committer - - collaboratorcommitter - type: string - type: object - status: - description: RepositoryStatus defines the observed state of Repository - properties: - conditions: - description: Conditions of the resource. - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Repository is the Schema for the repository API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RepositorySpec defines the desired state of Repository + properties: + defaultBranch: + description: DefaultBranch of the repository (used when initializes and in template) + type: string + description: + description: Description of the repository to create + type: string + gitignores: + description: Gitignores defines the Gitignores of the repository + type: string + issueLabels: + description: IssueLabels defines the Issue Label set to use + type: string + license: + description: License to use + type: string + lifecycle: + description: Lifecycle determines the deletion lifecycle policies the resource will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
- maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - url: - description: URL is the url for the repo - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + private: + description: Private defines whether the repository is private + type: boolean + readme: + description: Readme of the repository to create + type: string + trustModel: + description: TrustModel of the repository + enum: + - default + - collaborator + - committer + - collaboratorcommitter + type: string + type: object + status: + description: RepositoryStatus defines the observed state of Repository + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + url: + description: URL is the url for the repo + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_tokens.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_tokens.yaml
index 1f90570..209b6bc 100644
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_tokens.yaml
+++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_tokens.yaml
@@ -15,87 +15,87 @@ spec: singular: token scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_TOKEN_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Token is the Schema for the repository token API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TokenSpec defines the desired state of Token - properties: - lifecycle: - description: Lifecycle determines the deletion lifecycle policies the resource will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. - enum: - - delete - - orphan - type: string - type: object - type: object - status: - description: TokenStatus defines the observed state of the Token - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_TOKEN_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Token is the Schema for the repository token API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TokenSpec defines the desired state of Token + properties: + lifecycle: + description: Lifecycle determines the deletion lifecycle policies the resource will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: TokenStatus defines the observed state of the Token + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_workloadclusters.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_workloadclusters.yaml
index c7332c4..6bb3f94 100644
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_workloadclusters.yaml
+++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/infra.nephio.org_workloadclusters.yaml
@@ -15,39 +15,39 @@ spec: singular: workloadcluster scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: WorkloadCluster is the Schema for the clustercontexts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: WorkloadClusterSpec defines the desired state of WorkloadCluster - properties: - clusterName: - description: ClusterName is the unique name for this cluster - type: string - cnis: - description: CNIs defines the CNIs required for the workload cluster - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: WorkloadCluster is the Schema for the clustercontexts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkloadClusterSpec defines the desired state of WorkloadCluster + properties: + clusterName: + description: ClusterName is the unique name for this cluster type: string - type: array - masterInterface: - description: MasterInterface define the master interface for secondary networking in the nodes on the cluster - type: string - type: object - status: - description: WorkloadClusterStatus defines the observed state of WorkloadCluster - type: object - type: object - served: true - storage: true - subresources: - status: {} + cnis: + description: CNIs defines the CNIs required for the workload cluster + items: + type: string + type: array + masterInterface: + description: MasterInterface define the master interface for secondary networking in the nodes on the cluster + type: string + type: object + status: + description: WorkloadClusterStatus defines the observed state of WorkloadCluster + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_capacities.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_capacities.yaml index 4a65d6a..d65ee39 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_capacities.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_capacities.yaml 
@@ -15,46 +15,46 @@ spec: singular: capacity scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - status: - type: object - type: object - served: true - storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + 
apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s + type: integer + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + status: + type: object + type: object + served: true + storage: true 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworknames.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworknames.yaml
index a6fe05d..c5b719b 100644
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworknames.yaml
+++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworknames.yaml
@@ -15,56 +15,56 @@ spec: singular: datanetworkname scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - networkInstanceReference: - description: NetworkInstance defines the networkInstance context to which this DNN belongs - properties: - name: - description: Name is unique within a namespace to reference a nfClass. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This field is required when referring to a Namespace-scoped resource and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - pools: - description: Pools defines the parameters of the IP pool associated with the DNN - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + networkInstanceReference: + description: NetworkInstance defines the networkInstance context to which this DNN belongs properties: name: - description: Name defines the name of the pool + description: Name is unique within a namespace to reference a nfClass. maxLength: 253 minLength: 1 type: string - prefixLength: - description: PrefixLength define the size of the pool - type: integer + namespace: + description: Namespace is the namespace of the referent. This field is required when referring to a Namespace-scoped resource and MUST be unset when referring to a Cluster-scoped resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name type: object - type: array - required: - - networkInstanceReference - type: object - status: - type: object - type: object - served: true - storage: true + pools: + description: Pools defines the parameters of the IP pool associated with the DNN + items: + properties: + name: + description: Name defines the name of the pool + maxLength: 253 + minLength: 1 + type: string + prefixLength: + description: PrefixLength define the size of the pool + type: integer + type: object + type: array + required: + - networkInstanceReference + type: object + status: + type: object + type: object + served: true + storage: true 
diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworks.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworks.yaml index e0de2be..2be2505 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworks.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_datanetworks.yaml 
@@ -15,137 +15,137 @@ spec: singular: datanetwork scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - networkInstance: - description: NetworkInstance defines the networkInstance context to which this DNN belongs Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - pools: - description: Pools defines the parameters of the IP pool associated with the DNN - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + networkInstance: + description: NetworkInstance defines the networkInstance context to which this DNN belongs Name and optionally Namespace is used here properties: - ipFamily: - description: IPFamily defines the ip family of the pool - enum: - - ipv4 - - ipv6 + apiVersion: + description: API version of the referent. type: string - name: - description: Name defines the name of the pool - maxLength: 253 - minLength: 1 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - prefixLength: - description: PrefixLength define the size of the pool - type: integer - type: object - type: array - required: - - networkInstance - type: object - status: - properties: - pools: - description: Pools contains the statuses of individual pools - items: - properties: - ipClaim: - description: IPClaim holds the result of the IP claim belonging to the pool - properties: - conditions: - description: Conditions of the resource. 
- items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network - type: string - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend - type: string - type: object name: - description: Name of the pool + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object - type: array - type: object - type: object - served: true - storage: true + x-kubernetes-map-type: atomic + pools: + description: Pools defines the parameters of the IP pool associated with the DNN + items: + properties: + ipFamily: + description: IPFamily defines the ip family of the pool + enum: + - ipv4 + - ipv6 + type: string + name: + description: Name defines the name of the pool + maxLength: 253 + minLength: 1 + type: string + prefixLength: + description: PrefixLength define the size of the pool + type: integer + type: object + type: array + required: + - networkInstance + type: object + status: + properties: + pools: + description: Pools contains the statuses of individual pools + items: + properties: + ipClaim: + description: IPClaim holds the result of the IP claim belonging to the pool + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + name: + description: Name of the pool + type: string + type: object + type: array + type: object + type: object + served: true + storage: true diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_interfaces.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_interfaces.yaml index ede2b49..d01fa27 100644 --- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_interfaces.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/req.nephio.org_interfaces.yaml 
@@ -15,76 +15,133 @@ spec: singular: interface scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TBD how do we distinguish the loopback from the vnic(s) - properties: - attachmentType: - description: AttachmentType defines if the interface is attached using a vlan or not - enum: - - none - - vlan - type: string - cniType: - description: CNIType defines the cniType that is used to attach the interface to the pod - enum: - - sriov - - ipvlan - - macvlan - type: string - ipFamilyPolicy: - description: IpFamilyPolicy defines the ip family policy on this interface to determine single stack, dual stack - enum: - - none - - ipv6-only - - ipv4-only - - dual-stack - type: string - networkInstance: - description: NetworkInstance defines the networkInstance to which this interface belongs Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - networkInstance - type: object - status: - properties: - ipClaimStatus: - items: - description: IPClaimStatus defines the observed state of IPClaim + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TBD how do we distinguish the loopback from the vnic(s) + properties: + attachmentType: + description: AttachmentType defines if the interface is attached using a vlan or not + enum: + - none + - vlan + type: string + cniType: + description: CNIType defines the cniType that is used to attach the interface to the pod + enum: + - sriov + - ipvlan + - macvlan + type: string + ipFamilyPolicy: + description: IpFamilyPolicy defines the ip family policy on this interface to determine single stack, dual stack + enum: + - none + - ipv6-only + - ipv4-only + - dual-stack + type: string + networkInstance: + description: NetworkInstance defines the networkInstance to which this interface belongs Name and optionally Namespace is used here + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. 
TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - networkInstance + type: object + status: + properties: + ipClaimStatus: + items: + description: IPClaimStatus defines the observed state of IPClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: array + vlanClaimStatus: + description: VLANClaimStatus defines the observed state of VLANClaim properties: conditions: description: Conditions of the resource. 
@@ -112,9 +169,9 @@ spec: status: description: status of the condition, one of True, False, Unknown. enum: - - "True" - - "False" - - Unknown + - "True" + - "False" + - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) 
@@ -122,81 +179,24 @@ spec: pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastTransitionTime + - message + - reason + - status + - type type: object type: array expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + description: ExpiryTime indicated when the claim expires type: string - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend type: string type: object - type: array - vlanClaimStatus: - description: VLANClaimStatus defines the observed state of VLANClaim - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - expiryTime: - description: ExpiryTime indicated when the claim expires - type: string - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through the VLAN backend - type: string - type: object - type: object - type: object - served: true - storage: true + type: object + type: object + served: true + storage: true diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_amfdeployments.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_amfdeployments.yaml index 4773051..a2e099c 100644 
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_amfdeployments.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_amfdeployments.yaml 
@@ -15,284 +15,284 @@ spec: singular: amfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - configRefs: - 
description: configRef defines addiitonal configuration references the nf depends upon - items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the interface - properties: - address: - description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + 
description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - type: object - dataNetworks: - description: DataNetworks defines the data networks assocated with the network instance - items: - description: A DataNetwork defines the Data Network name defined by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: 
+ description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the peer - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the peer - properties: - address: - description: Address 
defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_smfdeployments.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_smfdeployments.yaml index 084c144..8f0a71d 100644 
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_smfdeployments.yaml +++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_smfdeployments.yaml 
@@ -15,284 +15,284 @@ spec: singular: smfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - configRefs: - 
description: configRef defines addiitonal configuration references the nf depends upon - items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the interface - properties: - address: - description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + 
description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - type: object - dataNetworks: - description: DataNetworks defines the data networks assocated with the network instance - items: - description: A DataNetwork defines the Data Network name defined by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: 
+ description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the peer - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the peer - properties: - address: - description: Address 
defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_upfdeployments.yaml b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_upfdeployments.yaml index c2eb264..def9475 100644 
--- a/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_upfdeployments.yaml
+++ b/distros/gcp/nephio-mgmt/nephio-controllers/crd/bases/workload.nephio.org_upfdeployments.yaml
@@ -15,284 +15,284 @@ spec: singular: upfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - configRefs: - 
description: configRef defines addiitonal configuration references the nf depends upon - items: - description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the interface - properties: - address: - description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + 
description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - type: object - dataNetworks: - description: DataNetworks defines the data networks assocated with the network instance - items: - description: A DataNetwork defines the Data Network name defined by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: 
+ description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the peer - properties: - address: - description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the peer - properties: - address: - description: Address 
defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/nephio-webui/apply-replacements.yaml b/distros/gcp/nephio-mgmt/nephio-webui/apply-replacements.yaml index 83dc945..7dd0c8d 100644 --- a/distros/gcp/nephio-mgmt/nephio-webui/apply-replacements.yaml +++ b/distros/gcp/nephio-mgmt/nephio-webui/apply-replacements.yaml 
@@ -5,13 +5,13 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: GenConfigMap - name: gen-app-config - fieldPath: params.hostname - targets: - - select: - kind: Ingress - fieldPaths: - - spec.rules.0.host - - spec.tls.0.hosts.0 + - source: + kind: GenConfigMap + name: gen-app-config + fieldPath: params.hostname + targets: + - select: + kind: Ingress + fieldPaths: + - spec.rules.0.host + - spec.tls.0.hosts.0 diff --git a/distros/gcp/nephio-mgmt/nephio-webui/cluster-role-binding.yaml b/distros/gcp/nephio-mgmt/nephio-webui/cluster-role-binding.yaml index 4845e32..a26baf2 100644 --- a/distros/gcp/nephio-mgmt/nephio-webui/cluster-role-binding.yaml +++ b/distros/gcp/nephio-mgmt/nephio-webui/cluster-role-binding.yaml @@ -5,9 +5,9 @@ metadata: # kpt-merge: /nephio-webui annotations: internal.kpt.dev/upstream-identifier: rbac.authorization.k8s.io|ClusterRoleBinding|default|nephio-webui subjects: -- kind: ServiceAccount - name: nephio-webui-sa - namespace: nephio-webui + - kind: ServiceAccount + name: nephio-webui-sa + namespace: nephio-webui roleRef: kind: ClusterRole name: cluster-admin diff --git a/distros/gcp/nephio-mgmt/nephio-webui/deployment.yaml b/distros/gcp/nephio-mgmt/nephio-webui/deployment.yaml index b847d6c..b40d468 100644 --- a/distros/gcp/nephio-mgmt/nephio-webui/deployment.yaml +++ b/distros/gcp/nephio-mgmt/nephio-webui/deployment.yaml 
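Review bot: In cluster-role-binding.yaml the `nephio-webui-sa` ServiceAccount is still bound to `cluster-admin` (`roleRef.name: cluster-admin`), so a compromise of the web UI pod or its token gives full control of the management cluster. The commit only re-indents the `subjects` list and leaves that grant in place. Bind a dedicated ClusterRole limited to the API groups and verbs the UI needs, and until then mark the grant with a comment such as `# TODO: replace cluster-admin with a scoped ClusterRole for nephio-webui`. The manifest starts before the hunk and `roleRef` may continue after it.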
@@ -18,38 +18,38 @@ spec: serviceAccountName: nephio-webui-sa terminationGracePeriodSeconds: 10 containers: - - name: main - image: nephio/kpt-backstage-plugins:v1.0.1 - imagePullPolicy: IfNotPresent - args: - - --config - - /etc/config/app-config.nephio.yaml - ports: - - name: http - containerPort: 7007 - volumeMounts: - - name: config-volume - mountPath: /etc/config - readinessProbe: - httpGet: - path: / - port: 7007 - env: - - name: AUTH_PROVIDER - value: google - - name: AUTH_OIDC_TOKEN_PROVIDER - value: okta - - name: AUTH_GOOGLE_CLIENT_ID - valueFrom: - secretKeyRef: - key: client-id - name: nephio-google-oauth-client - - name: AUTH_GOOGLE_CLIENT_SECRET - valueFrom: - secretKeyRef: - key: client-secret - name: nephio-google-oauth-client + - name: main + image: nephio/kpt-backstage-plugins:v1.0.1 + imagePullPolicy: IfNotPresent + args: + - --config + - /etc/config/app-config.nephio.yaml + ports: + - name: http + containerPort: 7007 + volumeMounts: + - name: config-volume + mountPath: /etc/config + readinessProbe: + httpGet: + path: / + port: 7007 + env: + - name: AUTH_PROVIDER + value: google + - name: AUTH_OIDC_TOKEN_PROVIDER + value: okta + - name: AUTH_GOOGLE_CLIENT_ID + valueFrom: + secretKeyRef: + key: client-id + name: nephio-google-oauth-client + - name: AUTH_GOOGLE_CLIENT_SECRET + valueFrom: + secretKeyRef: + key: client-secret + name: nephio-google-oauth-client volumes: - - name: config-volume - configMap: - name: nephio-webui-config + - name: config-volume + configMap: + name: nephio-webui-config diff --git a/distros/gcp/nephio-mgmt/nephio-webui/gen-configmap.yaml b/distros/gcp/nephio-mgmt/nephio-webui/gen-configmap.yaml index a3af1d9..a4913e8 100644 --- a/distros/gcp/nephio-mgmt/nephio-webui/gen-configmap.yaml +++ b/distros/gcp/nephio-mgmt/nephio-webui/gen-configmap.yaml 
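Review bot: In deployment.yaml the `main` container is referenced by a mutable tag (`image: nephio/kpt-backstage-plugins:v1.0.1`) with `imagePullPolicy: IfNotPresent`, so the content that runs depends on whatever the registry or the node cache holds for that tag. Pinning by digest, `image: nephio/kpt-backstage-plugins:v1.0.1@sha256:<digest-placeholder>`, makes the deployed artifact verifiable. The visible container spec also has no `securityContext`; if the image supports it, adding `allowPrivilegeEscalation: false` and `runAsNonRoot: true` would limit what a compromised UI process can do. A pod-level setting above the hunk cannot be ruled out, since the spec starts outside it.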
@@ -15,68 +15,68 @@ params: resourcesNamespace: default authProvider: google data: -- type: gotmpl - key: app-config.nephio.yaml - value: | - app: - baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} + - type: gotmpl + key: app-config.nephio.yaml + value: | + app: + baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} - # Backstage backend configuration - backend: - # Note that the baseUrl should be the URL that the browser and other clients - # should use when communicating with the backend, i.e. it needs to be - # reachable not just from within the backend host, but from all of your - # callers. When its value is "http://localhost:7007", it's strictly private - # and can't be reached by others. - baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} + # Backstage backend configuration + backend: + # Note that the baseUrl should be the URL that the browser and other clients + # should use when communicating with the backend, i.e. it needs to be + # reachable not just from within the backend host, but from all of your + # callers. When its value is "http://localhost:7007", it's strictly private + # and can't be reached by others. + baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} - # Port here should remain 7007, that is what is used in the Service. The port - # in the URLs is for client access. - listen: - port: 7007 + # Port here should remain 7007, that is what is used in the Service. The port + # in the URLs is for client access. 
+ listen: + port: 7007 - # Content Security Policy - csp: - # Allows images to be pulled from GitHub and Nephio - img-src: ["'self'", 'data:', 'https://raw.githubusercontent.com'] - upgrade-insecure-requests: false + # Content Security Policy + csp: + # Allows images to be pulled from GitHub and Nephio + img-src: ["'self'", 'data:', 'https://raw.githubusercontent.com'] + upgrade-insecure-requests: false - auth: - # see https://backstage.io/docs/auth/ to learn about auth providers - providers: - google: - development: - clientId: ${AUTH_GOOGLE_CLIENT_ID} - clientSecret: ${AUTH_GOOGLE_CLIENT_SECRET} - okta: - development: - clientId: ${AUTH_OKTA_CLIENT_ID} - clientSecret: ${AUTH_OKTA_CLIENT_SECRET} - audience: ${AUTH_OKTA_AUDIENCE} - authServerId: ${AUTH_OKTA_AUTH_SERVER_ID} - idp: ${AUTH_OKTA_IDP} + auth: + # see https://backstage.io/docs/auth/ to learn about auth providers + providers: + google: + development: + clientId: ${AUTH_GOOGLE_CLIENT_ID} + clientSecret: ${AUTH_GOOGLE_CLIENT_SECRET} + okta: + development: + clientId: ${AUTH_OKTA_CLIENT_ID} + clientSecret: ${AUTH_OKTA_CLIENT_SECRET} + audience: ${AUTH_OKTA_AUDIENCE} + authServerId: ${AUTH_OKTA_AUTH_SERVER_ID} + idp: ${AUTH_OKTA_IDP} - # Config as Data Plugin configuration - configAsData: - # The namespace where Porch managed resources live. - resourcesNamespace: {{.resourcesNamespace}} + # Config as Data Plugin configuration + configAsData: + # The namespace where Porch managed resources live. 
+ resourcesNamespace: {{.resourcesNamespace}} - # Do not use Config Sync - gitOpsDeliveryTool: none + # Do not use Config Sync + gitOpsDeliveryTool: none - # Management cluster configuration - clusterLocatorMethod: - authProvider: ${AUTH_PROVIDER} + # Management cluster configuration + clusterLocatorMethod: + authProvider: ${AUTH_PROVIDER} - # For authProvider: oidc - oidcTokenProvider: ${AUTH_OIDC_TOKEN_PROVIDER} + # For authProvider: oidc + oidcTokenProvider: ${AUTH_OIDC_TOKEN_PROVIDER} - # For authProvider: service-account - serviceAccountToken: ${AUTH_SERVICE_ACCOUNT_TOKEN} + # For authProvider: service-account + serviceAccountToken: ${AUTH_SERVICE_ACCOUNT_TOKEN} - # Nephio branding customizations - branding: - title: Nephio - header: - logoUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio_logo_colorwhite_horizontal.svg - backgroundImageUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio-background.png + # Nephio branding customizations + branding: + title: Nephio + header: + logoUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio_logo_colorwhite_horizontal.svg + backgroundImageUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio-background.png diff --git a/distros/gcp/nephio-mgmt/nephio-webui/ingress.yaml b/distros/gcp/nephio-mgmt/nephio-webui/ingress.yaml index 368a781..0ed0cd1 100644 --- a/distros/gcp/nephio-mgmt/nephio-webui/ingress.yaml +++ b/distros/gcp/nephio-mgmt/nephio-webui/ingress.yaml 
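Review bot: In gen-configmap.yaml the templated app-config sets `upgrade-insecure-requests: false` in the `csp` block unconditionally, although `baseUrl` is built from `{{.scheme}}` and the Ingress for this package terminates TLS. If the UI is served over https, that directive should not be disabled. At minimum document the reason next to it, for example `# disabled only for plain-http sandboxes; remove when scheme is https`. The comment above `img-src` mentions "GitHub and Nephio" while the list only allows `https://raw.githubusercontent.com`, so it should be corrected to match. The ConfigMap template starts before the hunk.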
@@ -8,17 +8,17 @@ metadata:
 namespace: nephio-webui
 spec:
 rules:
- - host: webui.nephio.example.com
- http:
- paths:
- - pathType: Prefix
- path: /
- backend:
- service:
- name: nephio-webui
- port:
- number: 7007
+ - host: webui.nephio.example.com
+ http:
+ paths:
+ - pathType: Prefix
+ path: /
+ backend:
+ service:
+ name: nephio-webui
+ port:
+ number: 7007
 tls:
- - hosts:
- - webui.nephio.example.com
- secretName: nephio-webui-cert # < cert-manager will store the created certificate in this secret.
+ - hosts:
+ - webui.nephio.example.com
+ secretName: nephio-webui-cert # < cert-manager will store the created certificate in this secret.
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-network.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-network.yaml
index b1ab382..3cb6d76 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-network.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-network.yaml
@@ -13,27 +13,27 @@ metadata: # kpt-merge: /network-config-controller-network-role
 annotations:
 internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|network-config-controller-network-role'
 rules:
-- apiGroups:
- - config.nephio.org
- resources:
- - networks
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
-- apiGroups:
- - config.nephio.org
- resources:
- - networks/status
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
+ - apiGroups:
+ - config.nephio.org
+ resources:
+ - networks
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
+ - apiGroups:
+ - config.nephio.org
+ resources:
+ - networks/status
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-target.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-target.yaml
index ead3550..117a8f6 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-target.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrole-target.yaml
@@ -13,35 +13,35 @@ metadata: # kpt-merge: /network-config-controller-target-role
 annotations:
 internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|network-config-controller-target-role'
 rules:
-- apiGroups:
- - '*'
- resources:
- - secrets
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - inv.nephio.org
- resources:
- - targets
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
-- apiGroups:
- - inv.nephio.org
- resources:
- - targets/status
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
+ - apiGroups:
+ - '*'
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - inv.nephio.org
+ resources:
+ - targets
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
+ - apiGroups:
+ - inv.nephio.org
+ resources:
+ - targets/status
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-controller.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-controller.yaml
index 944644e..c9bacaa 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-controller.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-controller.yaml
@@ -17,6 +17,6 @@ roleRef:
 kind: ClusterRole
 name: network-config-controller-controller-role
 subjects:
-- kind: ServiceAccount
- name: network-config-controller
- namespace: network-config
+ - kind: ServiceAccount
+ name: network-config-controller
+ namespace: network-config
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-network.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-network.yaml
index 444faec..4cb46f3 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-network.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-network.yaml
@@ -17,6 +17,6 @@ roleRef:
 kind: ClusterRole
 name: network-config-controller-network-role
 subjects:
-- kind: ServiceAccount
- name: network-config-controller
- namespace: network-config
+ - kind: ServiceAccount
+ name: network-config-controller
+ namespace: network-config
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-target.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-target.yaml
index 89681f2..8795c2c 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-target.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/clusterrolebinding-target.yaml
@@ -17,6 +17,6 @@ roleRef:
 kind: ClusterRole
 name: network-config-controller-target-role
 subjects:
-- kind: ServiceAccount
- name: network-config-controller
- namespace: network-config
+ - kind: ServiceAccount
+ name: network-config-controller
+ namespace: network-config
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/deployment-controller.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/deployment-controller.yaml
index 407a202..19cabac 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/deployment-controller.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/deployment-controller.yaml
@@ -27,78 +27,78 @@ spec: namespace: network-config spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: ENABLE_TARGETS - value: "true" - - name: ENABLE_NETWORKCONFIGS - value: "true" - image: docker.io/nephio/network-config-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + 
fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: ENABLE_TARGETS + value: "true" + - name: ENABLE_NETWORKCONFIGS + value: "true" + image: docker.io/nephio/network-config-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: network-config-controller status: {} diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/role-leader-election.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/role-leader-election.yaml index 53a9004..6ae0bf5 100644 --- a/distros/gcp/nephio-mgmt/network-config/app/controller/role-leader-election.yaml +++ b/distros/gcp/nephio-mgmt/network-config/app/controller/role-leader-election.yaml 
@@ -14,34 +14,34 @@ metadata: # kpt-merge: network-config/network-config-controller-leader-election-
 annotations:
 internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|Role|network-config|network-config-controller-leader-election-role'
 rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - update
- - patch
- - create
- - delete
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - patch
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
+ - apiGroups:
+ - coordination.k8s.io
+ resources:
+ - leases
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - create
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
diff --git a/distros/gcp/nephio-mgmt/network-config/app/controller/rolebinding-leader-election.yaml b/distros/gcp/nephio-mgmt/network-config/app/controller/rolebinding-leader-election.yaml
index 6dbcbd6..51607f3 100644
--- a/distros/gcp/nephio-mgmt/network-config/app/controller/rolebinding-leader-election.yaml
+++ b/distros/gcp/nephio-mgmt/network-config/app/controller/rolebinding-leader-election.yaml
@@ -18,6 +18,6 @@ roleRef:
 kind: Role
 name: network-config-controller-leader-election-role
 subjects:
-- kind: ServiceAccount
- name: network-config-controller
- namespace: network-config
+ - kind: ServiceAccount
+ name: network-config-controller
+ namespace: network-config
diff --git a/distros/gcp/nephio-mgmt/porch/0-fleetmembershipbindings.yaml b/distros/gcp/nephio-mgmt/porch/0-fleetmembershipbindings.yaml
index b38dc69..bd1ea94 100644
--- a/distros/gcp/nephio-mgmt/porch/0-fleetmembershipbindings.yaml
+++ b/distros/gcp/nephio-mgmt/porch/0-fleetmembershipbindings.yaml
@@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -29,59 +28,55 @@ spec: singular: fleetmembershipbinding scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - data: - description: Data contains the discovered (synced) information - properties: - binding: - type: string - labels: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + data: + description: Data contains the discovered (synced) information + properties: + binding: type: string - type: object - location: - type: string - membership: - type: string - name: - type: string - project: - type: string - scope: - type: string - scopeFullName: - type: string - scopeLocation: - type: string - scopeProject: - type: string - state: - properties: - code: + labels: + additionalProperties: type: string - type: object - required: - - membership - type: object - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - status: - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + location: + type: string + membership: + type: string + name: + type: string + project: + type: string + scope: + type: string + scopeFullName: + type: string + scopeLocation: + type: string + scopeProject: + type: string + state: + properties: + code: + type: string + type: object + required: + - membership + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-fleetmemberships.yaml b/distros/gcp/nephio-mgmt/porch/0-fleetmemberships.yaml index 2826f81..21e69fe 100644 --- a/distros/gcp/nephio-mgmt/porch/0-fleetmemberships.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-fleetmemberships.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -29,49 +28,45 @@ spec: singular: fleetmembership scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - data: - description: Data contains the discovered (synced) information - properties: - description: - type: string - fullName: - type: string - labels: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + data: + description: Data contains the discovered (synced) information + properties: + description: type: string - type: object - location: - type: string - membership: - type: string - project: - type: string - state: - properties: - code: + fullName: + type: string + labels: + additionalProperties: type: string - type: object - type: object - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - status: - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + location: + type: string + membership: + type: string + project: + type: string + state: + properties: + code: + type: string + type: object + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-fleetscopes.yaml b/distros/gcp/nephio-mgmt/porch/0-fleetscopes.yaml index 2b3357b..ca70e9e 100644 --- a/distros/gcp/nephio-mgmt/porch/0-fleetscopes.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-fleetscopes.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -29,47 +28,43 @@ spec: singular: fleetscope scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - data: - description: Data contains the discovered (synced) information - properties: - fullName: - type: string - labels: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + data: + description: Data contains the discovered (synced) information + properties: + fullName: type: string - type: object - location: - type: string - project: - type: string - scope: - type: string - state: - properties: - code: + labels: + additionalProperties: type: string - type: object - type: object - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - status: - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + location: + type: string + project: + type: string + scope: + type: string + state: + properties: + code: + type: string + type: object + type: object + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-fleetsyncs.yaml b/distros/gcp/nephio-mgmt/porch/0-fleetsyncs.yaml index 25491dc..7431d73 100644 --- a/distros/gcp/nephio-mgmt/porch/0-fleetsyncs.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-fleetsyncs.yaml @@ -12,7 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -29,106 +28,77 @@ spec: singular: fleetsync scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - projectIds: - items: - type: string - type: array - required: - - projectIds - type: object - status: - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. 
- format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - required: - - conditions - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + projectIds: + items: + type: string + type: array + required: + - projectIds + type: object + status: + properties: + conditions: + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-packagerevs.yaml b/distros/gcp/nephio-mgmt/porch/0-packagerevs.yaml index b3d91f1..f2eeed7 100644 --- a/distros/gcp/nephio-mgmt/porch/0-packagerevs.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-packagerevs.yaml 
@@ -14,27 +14,27 @@ spec: singular: packagerev scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageRev - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageRevSpec defines the desired state of PackageRev - type: object - status: - description: PackageRevStatus defines the observed state of PackageRev - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageRev + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageRevSpec defines the desired state of PackageRev + type: object + status: + description: PackageRevStatus defines the observed state of PackageRev + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-packagevariants.yaml b/distros/gcp/nephio-mgmt/porch/0-packagevariants.yaml index bb2ba37..6b8d22a 100644 --- a/distros/gcp/nephio-mgmt/porch/0-packagevariants.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-packagevariants.yaml 
@@ -14,305 +14,305 @@ spec: singular: packagevariant scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageVariant represents an upstream and downstream porch package pair. The upstream package should already exist. The PackageVariant controller is responsible for creating the downstream package revisions based on the spec. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSpec defines the desired state of PackageVariant - properties: - adoptionPolicy: - type: string - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageVariant represents an upstream and downstream porch package pair. The upstream package should already exist. The PackageVariant controller is responsible for creating the downstream package revisions based on the spec. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSpec defines the desired state of PackageVariant + properties: + adoptionPolicy: type: string - type: object - deletionPolicy: - type: string - downstream: - properties: - package: + annotations: + additionalProperties: type: string - repo: - type: string - type: object - injectors: - items: - description: InjectionSelector specifies how to select in-cluster objects for resolving injection points. + type: object + deletionPolicy: + type: string + downstream: properties: - group: + package: type: string - kind: + repo: type: string - name: - type: string - version: - type: string - required: - - name type: object - type: array - labels: - additionalProperties: - type: string - type: object - packageContext: - description: PackageContext defines the data to be added or removed from the kptfile.kpt.dev ConfigMap during reconciliation. - properties: - data: - additionalProperties: - type: string + injectors: + items: + description: InjectionSelector specifies how to select in-cluster objects for resolving injection points. + properties: + group: + type: string + kind: + type: string + name: + type: string + version: + type: string + required: + - name type: object - removeKeys: - items: - type: string - type: array - type: object - pipeline: - description: Pipeline declares a pipeline of functions used to mutate or validate resources. - properties: - mutators: - description: Mutators defines a list of of KRM functions that mutate resources. - items: - description: Function specifies a KRM function. 
- properties: - configMap: - additionalProperties: + type: array + labels: + additionalProperties: + type: string + type: object + packageContext: + description: PackageContext defines the data to be added or removed from the kptfile.kpt.dev ConfigMap during reconciliation. + properties: + data: + additionalProperties: + type: string + type: object + removeKeys: + items: + type: string + type: array + type: object + pipeline: + description: Pipeline declares a pipeline of functions used to mutate or validate resources. + properties: + mutators: + description: Mutators defines a list of of KRM functions that mutate resources. + items: + description: Function specifies a KRM function. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' + type: object + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' - type: object - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
- items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - type: object - type: array - validators: - description: Validators defines a list of KRM functions that validate resources. Validators are not permitted to mutate resources. - items: - description: Function specifies a KRM function. - properties: - configMap: - additionalProperties: + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
- type: object - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string + type: object + type: array + type: object + type: array + validators: + description: Validators defines a list of KRM functions that validate resources. Validators are not permitted to mutate resources. + items: + description: Function specifies a KRM function. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
type: object - type: array - type: object - type: array - type: object - upstream: - properties: - package: - type: string - repo: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantStatus defines the observed state of PackageVariant - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' + type: string + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
+ items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + type: array + type: object + upstream: properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + package: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + repo: type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + revision: type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - downstreamTargets: - description: DownstreamTargets contains the downstream targets that the PackageVariant either created or adopted. - items: - properties: - name: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: PackageVariantStatus defines the observed state of PackageVariant + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. 
For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + downstreamTargets: + description: DownstreamTargets contains the downstream targets that the PackageVariant either created or adopted. + items: + properties: + name: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-packagevariantsets.yaml b/distros/gcp/nephio-mgmt/porch/0-packagevariantsets.yaml index 9facc40..06e54b8 100644 --- a/distros/gcp/nephio-mgmt/porch/0-packagevariantsets.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-packagevariantsets.yaml 
@@ -14,706 +14,706 @@ spec: singular: packagevariantset scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSetSpec defines the desired state of PackageVariantSet - properties: - adoptionPolicy: - type: string - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSetSpec defines the desired state of PackageVariantSet + properties: + adoptionPolicy: type: string - type: object - deletionPolicy: - type: string - labels: - additionalProperties: + annotations: + additionalProperties: + type: string + type: object + deletionPolicy: type: string - type: object - targets: - items: - properties: - objects: - description: 'option 3: a selector against a set of arbitrary objects' - properties: - repoName: - properties: - fromField: - type: string - value: - type: string - type: object - selectors: - items: + labels: + additionalProperties: + type: string + type: object + targets: + items: + properties: + objects: + description: 'option 3: a selector against a set of arbitrary objects' + properties: + repoName: properties: - annotations: - additionalProperties: - type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources + fromField: type: string - kind: - description: Kind of the target resources + value: type: string - labelSelector: - description: Labels on the target resources - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. 
If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: object + selectors: + items: + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labelSelector: + description: Labels on the target resources + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - name: - description: Name of the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + package: + description: 'option 1: an explicit repo/package name pair' + properties: + name: + type: string + repo: + type: string + type: object + packageName: + description: For options 2 and 3, PackageName specifies how to create the name of the package variant + properties: + baseName: + properties: + fromField: type: string - namespace: - description: Namespace of the target resources + value: type: string type: object - type: array - type: object + namePrefix: + properties: + fromField: + type: string + value: + type: string + type: object + nameSuffix: + properties: + fromField: + type: string + value: + type: string + type: object + type: object + repositories: + description: 'option 2: a label selector against a set of repositories' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + type: array + upstream: + properties: package: - description: 'option 1: an explicit repo/package name pair' properties: name: type: string repo: type: string type: object - packageName: - description: For options 2 and 3, PackageName specifies how to create the name of the package variant - properties: - baseName: - properties: - fromField: - type: string - value: - type: string - type: object - namePrefix: - properties: - fromField: - type: string - value: - type: string - type: object - nameSuffix: - properties: - fromField: - type: string - value: - type: string - type: object - type: object - repositories: - description: 'option 2: a label selector against a set of repositories' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object + ref: + type: string + revision: + type: string type: object - type: array - upstream: - properties: - package: + type: object + status: + description: PackageVariantSetStatus defines the observed state of PackageVariantSet + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - name: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - repo: + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - ref: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantSetStatus defines the observed state of PackageVariantSet - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. 
--- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - name: v1alpha2 - schema: - openAPIV3Schema: - description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSetSpec defines the desired state of PackageVariantSet - properties: - targets: - items: - properties: - objectSelector: - description: 'option 3: a selector against a set of arbitrary objects' - properties: - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - name: v1alpha2 + schema: + openAPIV3Schema: + description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSetSpec defines the desired state of PackageVariantSet + properties: + targets: + items: + properties: + objectSelector: + description: 'option 3: a selector against a set of arbitrary objects' + properties: + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: + name: + description: Name of the target resource type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + repositories: + description: 'Exactly one of Repositories, RepositorySeletor, and ObjectSelector must be populated option 1: an explicit repositories and package names' + items: + properties: + name: + description: Name contains the name of the Repository resource, which must be in the same namespace as the PackageVariantSet resource. + type: string + packageNames: + description: PackageNames contains names to use for package instances in this repository; that is, the same upstream will be instantiated multiple times using these names. + items: + type: string + type: array + required: + - name type: object - name: - description: Name of the target resource - type: string - type: object - repositories: - description: 'Exactly one of Repositories, RepositorySeletor, and ObjectSelector must be populated option 1: an explicit repositories and package names' - items: + type: array + repositorySelector: + description: 'option 2: a label selector against a set of repositories' properties: - name: - description: Name contains the name of the Repository resource, which must be in the same namespace as the PackageVariantSet resource. - type: string - packageNames: - description: PackageNames contains names to use for package instances in this repository; that is, the same upstream will be instantiated multiple times using these names. 
+ matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - type: string + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - name + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object type: object - type: array - repositorySelector: - description: 'option 2: a label selector against a set of repositories' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. 
If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + template: + description: Template specifies how to generate a PackageVariant from a target + properties: + adoptionPolicy: + description: AdoptionPolicy allows overriding the PackageVariant adoption policy + type: string + annotationExprs: + description: AnnotationsExprs allows specifying the spec.Annotations field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Annotations. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: type: string - type: array - required: - - key - - operator + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + annotations: + additionalProperties: + type: string + description: Annotations allows specifying the spec.Annotations field of the generated PackageVariant type: object - type: array - matchLabels: - additionalProperties: + deletionPolicy: + description: DeletionPolicy allows overriding the PackageVariant deletion policy type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - template: - description: Template specifies how to generate a PackageVariant from a target - properties: - adoptionPolicy: - description: AdoptionPolicy allows overriding the PackageVariant adoption policy - type: string - annotationExprs: - description: AnnotationsExprs allows specifying the spec.Annotations field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Annotations. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + downstream: + description: Downstream allows overriding the default downstream package and repository name properties: - key: + package: type: string - keyExpr: + packageExpr: type: string - value: + repo: type: string - valueExpr: + repoExpr: type: string type: object - type: array - annotations: - additionalProperties: - type: string - description: Annotations allows specifying the spec.Annotations field of the generated PackageVariant - type: object - deletionPolicy: - description: DeletionPolicy allows overriding the PackageVariant deletion policy - type: string - downstream: - description: Downstream allows overriding the default downstream package and repository name - properties: - package: - type: string - packageExpr: - type: string - repo: - type: string - repoExpr: + injectors: + description: Injectors allows specifying the spec.Injectors field of the generated PackageVariant + items: + description: InjectionSelectorTemplate is used to calculate the injectors field of the resulting package variants. Exactly one of the Name and NameExpr fields must be specified. The other fields are optional. 
+ properties: + group: + type: string + kind: + type: string + name: + type: string + nameExpr: + type: string + version: + type: string + type: object + type: array + labelExprs: + description: LabelsExprs allows specifying the spec.Labels field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Labels. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + labels: + additionalProperties: type: string - type: object - injectors: - description: Injectors allows specifying the spec.Injectors field of the generated PackageVariant - items: - description: InjectionSelectorTemplate is used to calculate the injectors field of the resulting package variants. Exactly one of the Name and NameExpr fields must be specified. The other fields are optional. - properties: - group: - type: string - kind: - type: string - name: - type: string - nameExpr: - type: string - version: - type: string + description: Labels allows specifying the spec.Labels field of the generated PackageVariant type: object - type: array - labelExprs: - description: LabelsExprs allows specifying the spec.Labels field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Labels. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ packageContext: + description: PackageContext allows specifying the spec.PackageContext field of the generated PackageVariant properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string - type: object - type: array - labels: - additionalProperties: - type: string - description: Labels allows specifying the spec.Labels field of the generated PackageVariant - type: object - packageContext: - description: PackageContext allows specifying the spec.PackageContext field of the generated PackageVariant - properties: - data: - additionalProperties: - type: string - type: object - dataExprs: - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string + data: + additionalProperties: + type: string type: object - type: array - removeKeyExprs: - items: - type: string - type: array - removeKeys: - items: - type: string - type: array - type: object - pipeline: - description: Pipeline allows specifying the spec.Pipeline field of the generated PackageVariant - properties: - mutators: - description: Mutators is used to caculate the pipeline.mutators field of the resulting package variants. - items: - description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. - properties: - configMap: - additionalProperties: + dataExprs: + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' - type: object - configMapExprs: - description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string + type: object + type: array + removeKeyExprs: + items: + type: string + type: array + removeKeys: + items: + type: string + type: array + type: object + pipeline: + description: Pipeline allows specifying the spec.Pipeline field of the generated PackageVariant + properties: + mutators: + description: Mutators is used to caculate the pipeline.mutators field of the resulting package variants. + items: + description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' type: object - type: array - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
- items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + configMapExprs: + description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + keyExpr: type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + value: type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + valueExpr: type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - type: object - type: array - validators: - description: Validators is used to caculate the pipeline.validators field of the resulting package variants. - items: - description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. - properties: - configMap: - additionalProperties: + type: object + type: array + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
- type: object - configMapExprs: - description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string - type: object - type: array - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
+ items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string + type: object + type: array + type: object + type: array + validators: + description: Validators is used to caculate the pipeline.validators field of the resulting package variants. + items: + description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. 
+ properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' type: object - type: array - type: object - type: array - type: object - type: object - type: object - type: array - upstream: - properties: - package: - type: string - repo: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantSetStatus defines the observed state of PackageVariantSet - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + configMapExprs: + description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' + type: string + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + type: array + type: object + type: object + type: object + type: array + upstream: properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + package: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + repo: type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + revision: type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: PackageVariantSetStatus defines the observed state of PackageVariantSet + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. 
For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/0-repositories.yaml b/distros/gcp/nephio-mgmt/porch/0-repositories.yaml index c42782a..9cd8f0c 100644 --- a/distros/gcp/nephio-mgmt/porch/0-repositories.yaml +++ b/distros/gcp/nephio-mgmt/porch/0-repositories.yaml 
@@ -14,253 +14,253 @@ spec: singular: repository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.type - name: Type - type: string - - jsonPath: .spec.content - name: Content - type: string - - jsonPath: .spec.deployment - name: Deployment - type: boolean - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .spec['git','oci']['repo','registry'] - name: Address - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Repository - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: "RepositorySpec defines the desired state of Repository \n Notes: - deployment repository - in KRM API ConfigSync would be configured directly? (or via this API)" - properties: - content: - description: 'Content stored in the repository (i.e. Function, Package - the literal values correspond to the API resource names). TODO: support repository with mixed content?' - type: string - deployment: - description: The repository is a deployment repository; final packages in this repository are deployment ready. - type: boolean - description: - description: User-friendly description of the repository - type: string - git: - description: Git repository details. Required if `type` is `git`. Ignored if `type` is not `git`. 
- properties: - branch: - description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". - type: string - createBranch: - description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. - type: boolean - directory: - description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. - type: string - repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' - type: string - secretRef: - description: Reference to secret containing authentication credentials. - properties: - name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name - type: object - required: - - repo - type: object - mutators: - description: '`Mutators` specifies list of functions to be added to the list of package''s mutators on changes to the packages in the repository to ensure the packages meet constraints enforced by the mutators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' 
- items: + - additionalPrinterColumns: + - jsonPath: .spec.type + name: Type + type: string + - jsonPath: .spec.content + name: Content + type: string + - jsonPath: .spec.deployment + name: Deployment + type: boolean + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .spec['git','oci']['repo','registry'] + name: Address + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Repository + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "RepositorySpec defines the desired state of Repository \n Notes: - deployment repository - in KRM API ConfigSync would be configured directly? (or via this API)" + properties: + content: + description: 'Content stored in the repository (i.e. Function, Package - the literal values correspond to the API resource names). TODO: support repository with mixed content?' + type: string + deployment: + description: The repository is a deployment repository; final packages in this repository are deployment ready. + type: boolean + description: + description: User-friendly description of the repository + type: string + git: + description: Git repository details. Required if `type` is `git`. Ignored if `type` is not `git`. 
properties: - configMap: - additionalProperties: - type: string - description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' - type: object - functionRef: - description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + branch: + description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". + type: string + createBranch: + description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. + type: boolean + directory: + description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. + type: string + repo: + description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + type: string + secretRef: + description: Reference to secret containing authentication credentials. properties: name: - description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. type: string required: - - name + - name type: object - image: - description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' - type: string + required: + - repo type: object - type: array - oci: - description: OCI repository details. Required if `type` is `oci`. Ignored if `type` is not `oci`. - properties: - registry: - description: Registry is the address of the OCI registry - type: string - secretRef: - description: Reference to secret containing authentication credentials. 
- properties: - name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name - type: object - required: - - registry - type: object - type: - description: Type of the repository (i.e. git, OCI) - type: string - upstream: - description: Upstream is the default upstream repository for packages in this repository. Specifying it per repository allows simpler UX when creating packages. - properties: - git: - description: Git repository details. Required if `type` is `git`. Must be unspecified if `type` is not `git`. + mutators: + description: '`Mutators` specifies list of functions to be added to the list of package''s mutators on changes to the packages in the repository to ensure the packages meet constraints enforced by the mutators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' + items: properties: - branch: - description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". - type: string - createBranch: - description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. - type: boolean - directory: - description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. - type: string - repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' - type: string - secretRef: - description: Reference to secret containing authentication credentials. - properties: - name: - description: Name of the secret. 
The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name + configMap: + additionalProperties: + type: string + description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' type: object - required: - - repo - type: object - oci: - description: OCI repository details. Required if `type` is `oci`. Must be unspecified if `type` is not `oci`. - properties: - registry: - description: Registry is the address of the OCI registry - type: string - secretRef: - description: Reference to secret containing authentication credentials. + functionRef: + description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' properties: name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' type: string required: - - name + - name type: object - required: - - registry - type: object - repositoryRef: - description: RepositoryRef contains a reference to an existing Repository resource to be used as the default upstream repository. - properties: - name: - description: Name of the Repository resource referenced. + image: + description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' type: string - required: - - name type: object - type: - description: Type of the repository (i.e. git, OCI). If empty, repositoryRef will be used. - type: string - type: object - validators: - description: '`Validators` specifies list of functions to be added to the list of package''s validators on changes to the packages in the repository to ensure the packages meet constraints enforced by the validators associated with the repository. 
Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' - items: + type: array + oci: + description: OCI repository details. Required if `type` is `oci`. Ignored if `type` is not `oci`. properties: - configMap: - additionalProperties: - type: string - description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' - type: object - functionRef: - description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + registry: + description: Registry is the address of the OCI registry + type: string + secretRef: + description: Reference to secret containing authentication credentials. properties: name: - description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. type: string required: - - name + - name type: object - image: - description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' - type: string + required: + - registry type: object - type: array - type: object - status: - description: RepositoryStatus defines the observed state of Repository - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: + description: Type of the repository (i.e. git, OCI) + type: string + upstream: + description: Upstream is the default upstream repository for packages in this repository. Specifying it per repository allows simpler UX when creating packages. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string + git: + description: Git repository details. Required if `type` is `git`. Must be unspecified if `type` is not `git`. + properties: + branch: + description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". + type: string + createBranch: + description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. + type: boolean + directory: + description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. + type: string + repo: + description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + type: string + secretRef: + description: Reference to secret containing authentication credentials. + properties: + name: + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + type: string + required: + - name + type: object + required: + - repo + type: object + oci: + description: OCI repository details. Required if `type` is `oci`. Must be unspecified if `type` is not `oci`. + properties: + registry: + description: Registry is the address of the OCI registry + type: string + secretRef: + description: Reference to secret containing authentication credentials. + properties: + name: + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + type: string + required: + - name + type: object + required: + - registry + type: object + repositoryRef: + description: RepositoryRef contains a reference to an existing Repository resource to be used as the default upstream repository. 
+ properties: + name: + description: Name of the Repository resource referenced. + type: string + required: + - name + type: object type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + description: Type of the repository (i.e. git, OCI). If empty, repositoryRef will be used. type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + validators: + description: '`Validators` specifies list of functions to be added to the list of package''s validators on changes to the packages in the repository to ensure the packages meet constraints enforced by the validators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' + items: + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' + type: object + functionRef: + description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + properties: + name: + description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' 
+ type: string + required: + - name + type: object + image: + description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' + type: string + type: object + type: array + type: object + status: + description: RepositoryStatus defines the observed state of Repository + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/porch/7-auth-reader.yaml b/distros/gcp/nephio-mgmt/porch/7-auth-reader.yaml index 8a93379..a3f1899 100644 --- a/distros/gcp/nephio-mgmt/porch/7-auth-reader.yaml +++ b/distros/gcp/nephio-mgmt/porch/7-auth-reader.yaml @@ -23,6 +23,6 @@ roleRef: kind: Role name: extension-apiserver-authentication-reader subjects: -- kind: ServiceAccount - name: porch-server - namespace: porch-system + - kind: ServiceAccount + name: porch-server + namespace: porch-system diff --git a/distros/gcp/nephio-mgmt/porch/8-auth-delegator.yaml b/distros/gcp/nephio-mgmt/porch/8-auth-delegator.yaml index 1581ed9..8d547db 100644 
--- a/distros/gcp/nephio-mgmt/porch/8-auth-delegator.yaml +++ b/distros/gcp/nephio-mgmt/porch/8-auth-delegator.yaml @@ -22,6 +22,6 @@ roleRef: kind: ClusterRole name: system:auth-delegator subjects: -- kind: ServiceAccount - name: porch-server - namespace: porch-system + - kind: ServiceAccount + name: porch-server + namespace: porch-system diff --git a/distros/gcp/nephio-mgmt/porch/9-controllers.yaml b/distros/gcp/nephio-mgmt/porch/9-controllers.yaml index 9467db3..b71f38f 100644 --- a/distros/gcp/nephio-mgmt/porch/9-controllers.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-controllers.yaml @@ -41,15 +41,15 @@ spec: spec: serviceAccountName: porch-controllers containers: - - name: porch-controllers - # Update to the image of your porch-controllers build. - image: gcr.io/kpt-dev/porch-controllers:v0.0.31 - # Note: only the existence of the variable matters for enabling the reconciler - # So, be sure to remove the var not just change the value to false - env: - - name: ENABLE_PACKAGEVARIANTSETS - value: "true" - - name: ENABLE_PACKAGEVARIANTS - value: "true" - - name: ENABLE_FLEETSYNCS - value: "true" + - name: porch-controllers + # Update to the image of your porch-controllers build. + image: gcr.io/kpt-dev/porch-controllers:v0.0.31 + # Note: only the existence of the variable matters for enabling the reconciler + # So, be sure to remove the var not just change the value to false + env: + - name: ENABLE_PACKAGEVARIANTSETS + value: "true" + - name: ENABLE_PACKAGEVARIANTS + value: "true" + - name: ENABLE_FLEETSYNCS + value: "true" diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-clusterrole.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-clusterrole.yaml index 32d4208..944b66e 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-clusterrole.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-clusterrole.yaml 
@@ -5,22 +5,22 @@ metadata: # kpt-merge: /porch-controllers annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|porch-controllers' rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrole.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrole.yaml index 2f8d066..85e809a 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrole.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrole.yaml 
@@ -12,69 +12,68 @@ # See the License for the specific language governing permissions and # limitations under the License. ---- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: porch-controllers-fleetsyncs rules: -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetmembershipbindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetmemberships - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetscopes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetsyncs - verbs: - - get - - list - - watch - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetsyncs/finalizers - verbs: - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - fleetsyncs/status - verbs: - - get - - patch - - update + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetmembershipbindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetmemberships + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetscopes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetsyncs + verbs: + - get + - list + - watch + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetsyncs/finalizers + verbs: + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - fleetsyncs/status + verbs: + - get + - patch + - update 
diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrolebinding.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrolebinding.yaml index 1850fbe..c42c51d 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrolebinding.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-fleetsyncs-clusterrolebinding.yaml @@ -21,6 +21,6 @@ roleRef: kind: ClusterRole name: porch-controllers-fleetsyncs subjects: -- kind: ServiceAccount - name: porch-controllers - namespace: porch-system \ No newline at end of file + - kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrole.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrole.yaml index ed97f3e..c04cb87 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrole.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrole.yaml 
@@ -5,53 +5,53 @@ metadata: # kpt-merge: /porch-controllers-packagevariants annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|porch-controllers-packagevariants' rules: -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants/finalizers - verbs: - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants/status - verbs: - - get - - patch - - update -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants/finalizers + verbs: + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants/status + verbs: + - get + - patch + - update + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml index 500cf56..106c323 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml 
@@ -22,6 +22,6 @@ roleRef: kind: ClusterRole name: porch-controllers-packagevariants subjects: -- kind: ServiceAccount - name: porch-controllers - namespace: porch-system + - kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrole.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrole.yaml index 3c862a2..6695a92 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrole.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrole.yaml 
@@ -5,47 +5,47 @@ metadata: # kpt-merge: /porch-controllers-packagevariantsets annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|porch-controllers-packagevariantsets' rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - list -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets/finalizers - verbs: - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets/status - verbs: - - get - - patch - - update + - apiGroups: + - '*' + resources: + - '*' + verbs: + - list + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets/finalizers + verbs: + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets/status + verbs: + - get + - patch + - update diff --git a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml index 1efe43e..e13b5ac 100644 --- a/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml +++ b/distros/gcp/nephio-mgmt/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml 
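Review bot: The first entry under `rules:` still grants `list` on `apiGroups: '*'` / `resources: '*'`, which lets the `porch-controllers` service account (bound in the clusterrolebinding file that follows) list every resource in the cluster, Secrets included, and a list response returns full object contents. This hunk only re-indents the rule, so the grant is carried over unchanged. If the packagevariantsets reconciler only needs to list a known set of kinds, the rule should name those groups and resources instead of the wildcards. If it really needs cluster-wide list, put a comment above the rule saying which controller feature depends on it, so the breadth is a recorded decision.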
@@ -22,6 +22,6 @@ roleRef: kind: ClusterRole name: porch-controllers-packagevariantsets subjects: -- kind: ServiceAccount - name: porch-controllers - namespace: porch-system + - kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/distros/gcp/nephio-mgmt/porch/apply-replacements.yaml b/distros/gcp/nephio-mgmt/porch/apply-replacements.yaml index 9b7d55e..ed185a7 100644 --- a/distros/gcp/nephio-mgmt/porch/apply-replacements.yaml +++ b/distros/gcp/nephio-mgmt/porch/apply-replacements.yaml @@ -6,33 +6,33 @@ metadata: # kpt-merge: /propagate-values config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: 'fn.kpt.dev|ApplyReplacements|default|propagate-values' replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.name -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.project-id - targets: - - select: + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.name + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.project-id -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.location - targets: - - select: + name: gcp-context + fieldPath: data.project-id + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.project-id + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.location + name: gcp-context + fieldPath: data.location + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.location diff --git a/distros/gcp/nephio-mgmt/porch/fleetsync.yaml b/distros/gcp/nephio-mgmt/porch/fleetsync.yaml index 8de839d..57600cc 100644 --- a/distros/gcp/nephio-mgmt/porch/fleetsync.yaml +++ b/distros/gcp/nephio-mgmt/porch/fleetsync.yaml 
@@ -5,4 +5,4 @@ metadata: namespace: default spec: projectIds: - - example # kpt-set: ${project-id} + - example # kpt-set: ${project-id} diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrole-controller.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrole-controller.yaml index d0692f3..459b010 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrole-controller.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrole-controller.yaml 
@@ -12,82 +12,82 @@ metadata: # kpt-merge: /resource-backend-controller-controller-role annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|ClusterRole|default|resource-backend-controller-controller-role' rules: -- apiGroups: - - '*' - resources: - - events - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - inv.nephio.org - resources: - - endpoints - - endpoints/status - - links - - links/status - - nodes - - nodes/status - - targets - - targets/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - ipclaims - - ipclaims/status - - ipprefixes - - ipprefixes/status - - networkinstances - - networkinstances/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - topo.nephio.org - resources: - - rawtopologies - - rawtopologies/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanclaims - - vlanclaims/status - - vlanindices - - vlanindices/status - - vlans - - vlans/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - events + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - inv.nephio.org + resources: + - endpoints + - endpoints/status + - links + - links/status + - nodes + - nodes/status + - targets + - targets/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - ipclaims + - ipclaims/status + - ipprefixes + - ipprefixes/status + - networkinstances + - networkinstances/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - topo.nephio.org + resources: + - rawtopologies + - 
rawtopologies/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - vlan.resource.nephio.org + resources: + - vlanclaims + - vlanclaims/status + - vlanindices + - vlanindices/status + - vlans + - vlans/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrolebinding-controller.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrolebinding-controller.yaml index 65624c1..ce883f3 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrolebinding-controller.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/clusterrolebinding-controller.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: resource-backend-controller-controller-role subjects: -- kind: ServiceAccount - name: resource-backend-controller - namespace: backend-system + - kind: ServiceAccount + name: resource-backend-controller + namespace: backend-system diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/deployment-controller.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/deployment-controller.yaml index b05d46c..189a071 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/deployment-controller.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/deployment-controller.yaml 
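Review bot: The first rule of this ClusterRole uses `apiGroups: '*'` for `events` and `configmaps` with create/update/patch/delete, so `resource-backend-controller` can modify ConfigMaps in every namespace and in any API group that defines resources with those names. ConfigMaps are in the core group and Events in the core group and `events.k8s.io`, so the rule can be narrowed to `apiGroups: [""]` (adding `events.k8s.io` only if the controller uses it). If the controller writes ConfigMaps only in `backend-system`, that access belongs in a namespaced Role rather than here. The same `'*'` group wildcard appears in the `configmaps` and `events` rules of role-leader-election.yaml further down. The hunk is a re-indentation, so this is existing content the change leaves in place.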
@@ -27,90 +27,90 @@ spec: namespace: backend-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: RESOURCE_BACKEND - value: 127.0.0.1:9999 - - name: ENABLE_IPCLAIM - value: "true" - - name: ENABLE_NETWORKINSTANCE - value: "true" - - name: ENABLE_IPPREFIX - value: "true" - - name: ENABLE_VLANCLAIM - value: "true" - - name: ENABLE_VLANINDEX - value: "true" - - name: ENABLE_VLAN - value: "true" - - name: ENABLE_RAWTOPOLOGIES - value: "true" - image: docker.io/nephio/resource-backend-controller:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - 
args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: RESOURCE_BACKEND + value: 127.0.0.1:9999 + - name: ENABLE_IPCLAIM + value: "true" + - name: ENABLE_NETWORKINSTANCE + value: "true" + - name: ENABLE_IPPREFIX + value: "true" + - name: ENABLE_VLANCLAIM + value: "true" + - name: ENABLE_VLANINDEX + value: "true" + - name: ENABLE_VLAN + value: "true" + - name: ENABLE_RAWTOPOLOGIES + value: "true" + image: docker.io/nephio/resource-backend-controller:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: resource-backend-controller status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/grpc/service-grpc.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/grpc/service-grpc.yaml index a9e4fe9..d258443 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/grpc/service-grpc.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/grpc/service-grpc.yaml 
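Review bot: The `kube-rbac-proxy` container is started with `--v=10`, and at that verbosity the proxy's request logging can include request headers, so bearer tokens presented to port 8443 may end up in the pod logs; `- --v=0` is the safer setting for a deployed manifest. That container also has `resources: {}` and no `securityContext`, while the `controller` container next to it sets `allowPrivilegeEscalation: false` and drops all capabilities; the same block would fit the proxy. Both images are referenced by tag (`v0.8.0`, `v2.0.0`); pinning them by digest would fix exactly what gets deployed. The hunk only re-indents these lines, so none of this is introduced here, but it is what the new side ships.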
@@ -15,9 +15,9 @@ metadata: # kpt-merge: backend-system/resource-backend-controller-grpc-svc internal.kpt.dev/upstream-identifier: '|Service|backend-system|resource-backend-controller-grpc-svc' spec: ports: - - name: grpc - port: 9999 - protocol: TCP - targetPort: 9999 + - name: grpc + port: 9999 + protocol: TCP + targetPort: 9999 selector: fn.kptgen.dev/grpc: resource-backend-controller diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/role-leader-election.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/role-leader-election.yaml index 75e7a6e..c6356cc 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/role-leader-election.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/role-leader-election.yaml @@ -13,34 +13,34 @@ metadata: # kpt-merge: backend-system/resource-backend-controller-leader-electio annotations: internal.kpt.dev/upstream-identifier: 'rbac.authorization.k8s.io|Role|backend-system|resource-backend-controller-leader-election-role' rules: -- apiGroups: - - '*' - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - '*' - resources: - - events - verbs: - - create - - patch + - apiGroups: + - '*' + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - '*' + resources: + - events + verbs: + - create + - patch diff --git a/distros/gcp/nephio-mgmt/resource-backend/app/controller/rolebinding-leader-election.yaml b/distros/gcp/nephio-mgmt/resource-backend/app/controller/rolebinding-leader-election.yaml index 9d22e97..a3a8c0a 100644 
--- a/distros/gcp/nephio-mgmt/resource-backend/app/controller/rolebinding-leader-election.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/app/controller/rolebinding-leader-election.yaml @@ -17,6 +17,6 @@ roleRef: kind: Role name: resource-backend-controller-leader-election-role subjects: -- kind: ServiceAccount - name: resource-backend-controller - namespace: backend-system + - kind: ServiceAccount + name: resource-backend-controller + namespace: backend-system diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml index d600405..22d2b1f 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml 
@@ -9,135 +9,135 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Endpoint listKind: EndpointList plural: endpoints singular: endpoint scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Endpoint is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: EndpointSpec defines the desired state of Endpoint - properties: - interfaceName: - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Endpoint is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EndpointSpec defines the desired state of Endpoint + properties: + interfaceName: type: string - description: Labels as user defined labels - type: object - lacpFallback: - description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - multiHoming: - description: MultiHoming defines if the endpoint is multi-homed - type: boolean - multiHomingName: - description: MultiHomingName defines the name of the multi-homing - type: string - nodeName: - type: string - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. + labels: + additionalProperties: type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. - type: string - required: - - interfaceName - - nodeName - - provider - type: object - status: - description: EndpointStatus defines the observed state of Endpoint - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + lacpFallback: + description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + multiHoming: + description: MultiHoming defines if the endpoint is multi-homed + type: boolean + multiHomingName: + description: MultiHomingName defines the name of the multi-homing + type: string + nodeName: + type: string + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - interfaceName + - nodeName + - provider + type: object + status: + description: EndpointStatus defines the observed state of Endpoint + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_links.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_links.yaml
index 03fe013..e37e1ba 100644
--- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_links.yaml
+++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_links.yaml
@@ -9,141 +9,141 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Link listKind: LinkList plural: links singular: link scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Link is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: LinkSpec defines the desired state of Link - properties: - endpoints: - description: Endpoints define the node + interface endpoints associated with this link - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Link is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: LinkSpec defines the desired state of Link + properties: + endpoints: + description: Endpoints define the node + interface endpoints associated with this link + items: + properties: + interfaceName: + type: string + nodeName: + type: string + required: + - interfaceName + - nodeName + type: object + maxItems: 2 + minItems: 2 + type: array + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacp: + description: Lacp defines if the lag enabled LACP + type: boolean + lag: + description: lag defines if the link is a lag mutually exclusive with LagMember parameter + type: boolean + lagMember: + description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - interfaceName: + apiVersion: + description: API version of the referent. type: string - nodeName: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' 
type: string - required: - - interfaceName - - nodeName - type: object - maxItems: 2 - minItems: 2 - type: array - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacp: - description: Lacp defines if the lag enabled LACP - type: boolean - lag: - description: lag defines if the link is a lag mutually exclusive with LagMember parameter - type: boolean - lagMember: - description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - endpoints - type: object - status: - description: LinkStatus defines the observed state of Link - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + required: + - endpoints + type: object + status: + description: LinkStatus defines the observed state of Link + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_nodes.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_nodes.yaml index beaeb5b..827635c 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_nodes.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_nodes.yaml 
@@ -9,130 +9,130 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Node listKind: NodeList plural: nodes singular: node scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Node is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NodeSpec defines the desired state of Node - properties: - address: - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Node is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. 
Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NodeSpec defines the desired state of Node + properties: + address: type: string - description: Labels as user defined labels - type: object - location: - description: Location provider the location information where this resource is located - properties: - latitude: + labels: + additionalProperties: type: string - longitude: - type: string - type: object - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. - type: string - required: - - provider - type: object - status: - description: NodeStatus defines the observed state of Node - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + location: + description: Location provider the location information where this resource is located + properties: + latitude: + type: string + longitude: + type: string + type: object + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - provider + type: object + status: + description: NodeStatus defines the observed state of Node + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_targets.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_targets.yaml index 32ca027..4663b33 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_targets.yaml 
+++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/inv.nephio.org_targets.yaml 
@@ -9,141 +9,141 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Target listKind: TargetList plural: targets singular: target scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Target is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TargetSpec defines the desired state of Target - properties: - address: - type: string - encoding: - enum: - - unknown - - JSON - - JSON_IETF - - bytes - - protobuf - - ASCII - type: string - insecure: - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the target. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - protocol: - enum: - - unknown - - gnmi - - netconf - type: string - provider: - description: Provider specifies the provider using this target. - type: string - secretName: - type: string - skipVerify: - type: boolean - tlsSecretName: - type: string - required: - - provider - - secretName - type: object - status: - description: TargetStatus defines the observed state of Target - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Target is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TargetSpec defines the desired state of Target + properties: + address: + type: string + encoding: + enum: + - unknown + - JSON + - JSON_IETF + - bytes + - protobuf + - ASCII + type: string + insecure: + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the target. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. 
- maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + protocol: + enum: + - unknown + - gnmi + - netconf + type: string + provider: + description: Provider specifies the provider using this target. + type: string + secretName: + type: string + skipVerify: + type: boolean + tlsSecretName: + type: string + required: + - provider + - secretName + type: object + status: + description: TargetStatus defines the observed state of Target + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. 
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml
index 2f1540c..1c6491f 100644
--- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml
+++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml
@@ -9,214 +9,214 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: IPClaim listKind: IPClaimList plural: ipclaims singular: ipclaim scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.networkInstance.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.kind - name: KIND - type: string - - jsonPath: .spec.addressFamily - name: AF - type: string - - jsonPath: .spec.prefixLength - name: PREFIXLENGTH - type: string - - jsonPath: .spec.prefix - name: PREFIX-REQ - type: string - - jsonPath: .status.prefix - name: PREFIX-ALLOC - type: string - - jsonPath: .status.gateway - name: GATEWAY - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPClaim is the Schema for the ipclaim API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPClaimSpec defines the desired state of IPClaim - properties: - addressFamily: - description: AddressFamily defines the address family for the IP claim - enum: - - ipv4 - - ipv6 - type: string - createPrefix: - description: CreatePrefix defines if this prefix must be created. Only used for non address prefixes e.g. non /32 ipv4 and non /128 ipv6 prefixes - type: boolean - index: - description: Index defines the index of the IP Claim, used to get a deterministic IP from a prefix If not present we claim a random prefix from a prefix - format: int32 - type: integer - kind: - default: network - description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix - enum: - - network - - loopback - - pool - - aggregate - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.networkInstance.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.kind + name: KIND + type: string + - jsonPath: .spec.addressFamily + name: AF + type: string + - jsonPath: .spec.prefixLength + name: PREFIXLENGTH + type: string + - jsonPath: .spec.prefix + name: PREFIX-REQ + type: string + - jsonPath: .status.prefix + name: PREFIX-ALLOC + type: string + - jsonPath: .status.gateway + name: GATEWAY + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPClaim is the Schema for the ipclaim API + 
properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPClaimSpec defines the desired state of IPClaim + properties: + addressFamily: + description: AddressFamily defines the address family for the IP claim + enum: + - ipv4 + - ipv6 type: string - description: Labels as user defined labels - type: object - networkInstance: - description: NetworkInstance defines the networkInstance context for the IP claim Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + createPrefix: + description: CreatePrefix defines if this prefix must be created. Only used for non address prefixes e.g. non /32 ipv4 and non /128 ipv6 prefixes + type: boolean + index: + description: Index defines the index of the IP Claim, used to get a deterministic IP from a prefix If not present we claim a random prefix from a prefix + format: int32 + type: integer + kind: + default: network + description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix + enum: + - network + - loopback + - pool + - aggregate + type: string + labels: + additionalProperties: type: string - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix defines the prefix for the IP claim Used for specific prefix claim or used as a hint for a dynamic prefix claim in case of restart - pattern: 
(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - prefixLength: - description: PrefixLength defines the prefix length for the IP Claim If not present we use assume /32 for ipv4 and /128 for ipv6 - type: integer - selector: - description: Selector defines the selector criterias for the VLAN claim - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - - networkInstance - type: object - status: - description: IPClaimStatus defines the observed state of IPClaim - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + networkInstance: + description: NetworkInstance defines the networkInstance context for the IP claim Name and optionally Namespace is used here properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix defines the prefix for the IP claim Used for specific prefix claim or used as a hint for a dynamic prefix claim in case of restart + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + prefixLength: + description: PrefixLength defines the prefix length for the IP Claim If not present we use assume /32 for ipv4 and /128 for ipv6 + type: integer + selector: + description: Selector defines the selector criterias for the VLAN claim + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object type: object - type: array - expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network - type: string - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + required: + - kind + - networkInstance + type: object + status: + description: IPClaimStatus defines the observed state of IPClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml index 9c9912d..c2ed402 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml 
+++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml 
@@ -9,156 +9,156 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: IPPrefix listKind: IPPrefixList plural: ipprefixes singular: ipprefix scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.networkInstance.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.kind - name: KIND - type: string - - jsonPath: .spec.subnetName - name: SUBNET - type: string - - jsonPath: .spec.prefix - name: PREFIX-REQ - type: string - - jsonPath: .status.prefix - name: PREFIX-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPPrefix is the Schema for the ipprefixes API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPPrefixSpec defines the desired state of IPPrefix - properties: - kind: - default: network - description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix - enum: - - network - - loopback - - pool - - aggregate - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.networkInstance.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.kind + name: KIND + type: string + - jsonPath: .spec.subnetName + name: SUBNET + type: string + - jsonPath: .spec.prefix + name: PREFIX-REQ + type: string + - jsonPath: .status.prefix + name: PREFIX-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPPrefix is the Schema for the ipprefixes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPPrefixSpec defines the desired state of IPPrefix + properties: + kind: + default: network + description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix + enum: + - network + - loopback + - pool + - aggregate type: string - description: Labels as user defined labels - type: object - networkInstance: - description: NetworkInstance defines the networkInstance context for the IP prefix Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. + labels: + additionalProperties: type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix defines the ip cidr in prefix or address notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - kind - - networkInstance - - prefix - type: object - status: - description: IPPrefixStatus defines the observed state of IPPrefix - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + networkInstance: + description: NetworkInstance defines the networkInstance context for the IP prefix Name and optionally Namespace is used here properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
- maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + prefix: + description: Prefix defines the ip cidr in prefix or address notation. 
+ pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - kind + - networkInstance + - prefix + type: object + status: + description: IPPrefixStatus defines the observed state of IPPrefix + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml index efa793c..81aced7 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml 
@@ -9,144 +9,144 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: NetworkInstance listKind: NetworkInstanceList plural: networkinstances singular: networkinstance scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .metadata.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.prefixes[0].prefix - name: PREFIX0 - type: string - - jsonPath: .spec.prefixes[1].prefix - name: PREFIX1 - type: string - - jsonPath: .spec.prefixes[2].prefix - name: PREFIX2 - type: string - - jsonPath: .spec.prefixes[3].prefix - name: PREFIX3 - type: string - - jsonPath: .spec.prefixes[4].prefix - name: PREFIX4 - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: NetworkInstance is the Schema for the networkinstances API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkInstanceSpec defines the desired state of NetworkInstance - properties: - prefixes: - description: Prefixes define the aggregate prefixes for the network instance A Network instance needs at least 1 prefix to be defined to become operational - items: - properties: - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .metadata.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.prefixes[0].prefix + name: PREFIX0 + type: string + - jsonPath: .spec.prefixes[1].prefix + name: PREFIX1 + type: string + - jsonPath: .spec.prefixes[2].prefix + name: PREFIX2 + type: string + - jsonPath: .spec.prefixes[3].prefix + name: PREFIX3 + type: string + - jsonPath: .spec.prefixes[4].prefix + name: PREFIX4 + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkInstance is the Schema for the networkinstances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkInstanceSpec defines the desired state of NetworkInstance + properties: + prefixes: + description: Prefixes define the aggregate prefixes for the network instance A Network instance needs at least 1 prefix to be defined to become operational + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - required: - - prefixes - type: object - status: - description: NetworkInstanceStatus defines the observed state of NetworkInstance - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - prefixes: - description: Prefixes defines the prefixes, claimed through the IPAM backend - items: - properties: - labels: - additionalProperties: + required: + - prefix + type: object + type: array + required: + - prefixes + type: object + status: + description: NetworkInstanceStatus defines the observed state of NetworkInstance + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + prefixes: + description: Prefixes defines the prefixes, claimed through the IPAM backend + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. 
+ pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml index 375429b..d4b17b8 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml 
@@ -9,225 +9,225 @@ spec: group: topo.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: RawTopology listKind: RawTopologyList plural: rawtopologies singular: rawtopology scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: RawTopology is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RawTopologySpec defines the desired state of RawTopology - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - links: - items: - properties: - endpoints: - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: RawTopology is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RawTopologySpec defines the desired state of RawTopology + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + links: + items: + properties: + endpoints: + items: + properties: + interfaceName: + type: string + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacpFallback: + description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + multiHoming: + description: MultiHoming defines if the endpoint is multi-homed + type: boolean + multiHomingName: + description: MultiHomingName defines the name of the multi-homing + type: string + nodeName: + type: string + required: + - interfaceName + - nodeName + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacp: + description: Lacp defines if the lag enabled LACP + type: boolean + lag: + description: lag defines if the link is a lag mutually exclusive with LagMember parameter + type: boolean + lagMember: + description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - interfaceName: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacpFallback: - description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - multiHoming: - description: MultiHoming defines if the endpoint is multi-homed - type: boolean - multiHomingName: - description: MultiHomingName defines the name of the multi-homing - type: string - nodeName: - type: string - required: - - interfaceName - - nodeName type: object - type: array - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacp: - description: Lacp defines if the lag enabled LACP - type: boolean - lag: - description: lag defines if the link is a lag mutually exclusive with LagMember parameter - type: boolean - lagMember: - description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' 
- type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - endpoints - type: object - type: array - location: - description: Location provider the location information where this resource is located - properties: - latitude: - type: string - longitude: - type: string - type: object - nodes: - additionalProperties: + x-kubernetes-map-type: atomic + required: + - endpoints + type: object + type: array + location: + description: Location provider the location information where this resource is located properties: - address: + latitude: type: string - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - location: - description: Location provider the location information where this resource is located - properties: - latitude: - type: string - longitude: - type: string - type: object - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. 
+ longitude: type: string - required: - - provider type: object - description: Defaults *NodeProperties `json:"defaults,omitempty" yaml:"defaults,omitempty"` Kinds map[string]NodeProperties `json:"kinds,omitempty" yaml:"kinds,omitempty"` - type: object - required: - - links - - nodes - type: object - status: - description: RawTopologyStatus defines the observed state of RawTopology - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + nodes: + additionalProperties: + properties: + address: + type: string + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + location: + description: Location provider the location information where this resource is located + properties: + latitude: + type: string + longitude: + type: string + type: object + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - provider + type: object + description: Defaults *NodeProperties `json:"defaults,omitempty" yaml:"defaults,omitempty"` Kinds map[string]NodeProperties `json:"kinds,omitempty" yaml:"kinds,omitempty"` type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - links + - nodes + type: object + status: + description: RawTopologyStatus defines the observed state of RawTopology + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml index c2d477b..7e433e3 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml 
@@ -9,175 +9,175 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLANClaim listKind: VLANClaimList plural: vlanclaims singular: vlanclaim scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.vlanID - name: VLAN-REQ - type: string - - jsonPath: .status.vlanID - name: VLAN-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLANClaim is the Schema for the vlan claim API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANClaimSpec defines the desired state of VLANClaim - properties: - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.vlanID + name: VLAN-REQ + type: string + - jsonPath: .status.vlanID + name: VLAN-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLANClaim is the Schema for the vlan claim API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANClaimSpec defines the desired state of VLANClaim + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + range: + description: VLANRange defines the vlan range for the VLAN claim type: string - description: Labels as user defined labels - type: object - range: - description: VLANRange defines the vlan range for the VLAN claim - type: string - selector: - description: Selector defines the selector criterias for the VLAN claim - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + selector: + description: Selector defines the selector criterias for the VLAN claim + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. 
type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - vlanDatabase: - description: VLANIndex defines the vlan index for the VLAN Claim - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). 
This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - vlanID: - description: VLANID defines the vlan for the VLAN claim - type: integer - required: - - vlanDatabase - type: object - status: - description: VLANClaimStatus defines the observed state of VLANClaim - properties: - conditions: - description: Conditions of the resource. - items: + type: object + x-kubernetes-map-type: atomic + vlanDatabase: + description: VLANIndex defines the vlan index for the VLAN Claim properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - expiryTime: - description: ExpiryTime indicated when the claim expires - type: string - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through the VLAN backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + vlanID: + description: VLANID defines the vlan for the VLAN claim + type: integer + required: + - vlanDatabase + type: object + status: + description: VLANClaimStatus defines the observed state of VLANClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime indicated when the claim expires + type: string + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml index 4995b54..c6ae8d8 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml 
@@ -9,95 +9,95 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLANIndex listKind: VLANIndexList plural: vlanindices singular: vlanindex scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLANIndex is the Schema for the vlan database API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANIndexSpec defines the desired state of VLANDatabase - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - type: object - status: - description: VLANIndexStatus defines the observed state of VLANDatabase - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
- format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLANIndex is the Schema for the vlan database API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANIndexSpec defines the desired state of VLANDatabase + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: VLANIndexStatus defines the observed state of VLANDatabase + properties: + conditions: + description: Conditions of the resource. 
+ items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml index d6f5969..e903179 100644 --- a/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml +++ b/distros/gcp/nephio-mgmt/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml 
@@ -9,141 +9,141 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLAN listKind: VLANList plural: vlans singular: vlan scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.vlanID - name: VLAN-REQ - type: string - - jsonPath: .status.vlanID - name: VLAN-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLAN is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANSpec defines the desired state of VLAN - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - range: - description: VLANRange defines a range of vlans - type: string - vlanDatabase: - description: VLANIndex defines the vlan index for the VLAN claim - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.vlanID + name: VLAN-REQ + type: string + - jsonPath: .status.vlanID + name: VLAN-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLAN is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANSpec defines the desired state of VLAN + properties: + labels: + additionalProperties: type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - vlanID: - description: VLANID defines the VLAN ID - type: integer - required: - - vlanDatabase - type: object - status: - description: VLANStatus defines the observed state of VLAN - properties: - conditions: - description: Conditions of the resource. 
- items: + description: Labels as user defined labels + type: object + range: + description: VLANRange defines a range of vlans + type: string + vlanDatabase: + description: VLANIndex defines the vlan index for the VLAN claim properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through the VLAN backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + vlanID: + description: VLANID defines the VLAN ID + type: integer + required: + - vlanDatabase + type: object + status: + description: VLANStatus defines the observed state of VLAN + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/distros/sandbox/cert-manager/cert-manager.yaml b/distros/sandbox/cert-manager/cert-manager.yaml index 88c6fee..dce8570 100644 --- a/distros/sandbox/cert-manager/cert-manager.yaml +++ b/distros/sandbox/cert-manager/cert-manager.yaml @@ -4952,8 +4952,8 @@ rules: - apiGroups: ["networking.k8s.io"] resources: ["ingresses"] verbs: ["get", "list", "watch", "create", "delete", "update"] - - apiGroups: [ "gateway.networking.k8s.io" ] - resources: [ "httproutes" ] + - apiGroups: ["gateway.networking.k8s.io"] + resources: ["httproutes"] verbs: ["get", "list", "watch", "create", "delete", "update"] # We require the ability to specify a custom hostname when we are creating # new ingress resources. 
@@ -5133,9 +5133,9 @@ metadata: app.kubernetes.io/component: "webhook" app.kubernetes.io/version: "v1.14.3" rules: -- apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["create"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] --- # Source: cert-manager/templates/cainjector-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -5333,10 +5333,10 @@ roleRef: kind: ClusterRole name: cert-manager-webhook:subjectaccessreviews subjects: -- apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook - namespace: cert-manager + - apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager --- # Source: cert-manager/templates/cainjector-rbac.yaml # leader election rules @@ -5399,15 +5399,15 @@ metadata: app.kubernetes.io/component: "webhook" app.kubernetes.io/version: "v1.14.3" rules: -- apiGroups: [""] - resources: ["secrets"] - resourceNames: - - 'cert-manager-webhook-ca' - verbs: ["get", "list", "watch", "update"] -# It's not possible to grant CREATE permission on a single resourceName. -- apiGroups: [""] - resources: ["secrets"] - verbs: ["create"] + - apiGroups: [""] + resources: ["secrets"] + resourceNames: + - 'cert-manager-webhook-ca' + verbs: ["get", "list", "watch", "update"] + # It's not possible to grant CREATE permission on a single resourceName. + - apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] --- # Source: cert-manager/templates/cainjector-rbac.yaml # grant cert-manager permission to manage the leaderelection configmap in the @@ -5473,10 +5473,10 @@ roleRef: kind: Role name: cert-manager-webhook:dynamic-serving subjects: -- apiGroup: "" - kind: ServiceAccount - name: cert-manager-webhook - namespace: cert-manager + - apiGroup: "" + kind: ServiceAccount + name: cert-manager-webhook + namespace: cert-manager --- # Source: cert-manager/templates/service.yaml apiVersion: v1 
@@ -5493,10 +5493,10 @@ metadata: spec: type: ClusterIP ports: - - protocol: TCP - port: 9402 - name: tcp-prometheus-servicemonitor - targetPort: 9402 + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: 9402 selector: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager @@ -5517,10 +5517,10 @@ metadata: spec: type: ClusterIP ports: - - name: https - port: 443 - protocol: TCP - targetPort: "https" + - name: https + port: 443 + protocol: TCP + targetPort: "https" selector: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager @@ -5565,18 +5565,18 @@ spec: image: "quay.io/jetstack/cert-manager-cainjector:v1.14.3" imagePullPolicy: IfNotPresent args: - - --v=2 - - --leader-election-namespace=kube-system + - --v=2 + - --leader-election-namespace=kube-system env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true nodeSelector: kubernetes.io/os: linux 
@@ -5624,29 +5624,29 @@ spec: image: "quay.io/jetstack/cert-manager-controller:v1.14.3" imagePullPolicy: IfNotPresent args: - - --v=2 - - --cluster-resource-namespace=$(POD_NAMESPACE) - - --leader-election-namespace=kube-system - - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.3 - - --max-concurrent-challenges=60 + - --v=2 + - --cluster-resource-namespace=$(POD_NAMESPACE) + - --leader-election-namespace=kube-system + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.3 + - --max-concurrent-challenges=60 ports: - - containerPort: 9402 - name: http-metrics - protocol: TCP - - containerPort: 9403 - name: http-healthz - protocol: TCP + - containerPort: 9402 + name: http-metrics + protocol: TCP + - containerPort: 9403 + name: http-healthz + protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace # LivenessProbe settings are based on those used for the Kubernetes # controller-manager. See: # https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 
@@ -5702,21 +5702,21 @@ spec: image: "quay.io/jetstack/cert-manager-webhook:v1.14.3" imagePullPolicy: IfNotPresent args: - - --v=2 - - --secure-port=10250 - - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) - - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca - - --dynamic-serving-dns-names=cert-manager-webhook - - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE) - - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE).svc - + - --v=2 + - --secure-port=10250 + - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) + - --dynamic-serving-ca-secret-name=cert-manager-webhook-ca + - --dynamic-serving-dns-names=cert-manager-webhook + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE) + - --dynamic-serving-dns-names=cert-manager-webhook.$(POD_NAMESPACE).svc + ports: - - name: https - protocol: TCP - containerPort: 10250 - - name: healthcheck - protocol: TCP - containerPort: 6080 + - name: https + protocol: TCP + containerPort: 10250 + - name: healthcheck + protocol: TCP + containerPort: 6080 livenessProbe: httpGet: path: /livez @@ -5741,13 +5741,13 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - ALL + - ALL readOnlyRootFilesystem: true env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace nodeSelector: kubernetes.io/os: linux --- @@ -5807,10 +5807,10 @@ webhooks: - name: webhook.cert-manager.io namespaceSelector: matchExpressions: - - key: cert-manager.io/disable-validation - operator: NotIn - values: - - "true" + - key: cert-manager.io/disable-validation + operator: NotIn + values: + - "true" rules: - apiGroups: - "cert-manager.io" diff --git a/distros/sandbox/gitea/secret-postgresql.yaml b/distros/sandbox/gitea/secret-postgresql.yaml index 498c1fe..a092030 100644 --- a/distros/sandbox/gitea/secret-postgresql.yaml +++ b/distros/sandbox/gitea/secret-postgresql.yaml 
@@ -1,12 +1,12 @@ - apiVersion: v1 - kind: Secret - metadata: - name: gitea-postgresql - namespace: gitea - labels: - app.kubernetes.io/name: postgresql - app.kubernetes.io/instance: gitea - type: Opaque - data: - postgres-password: c2VjcmV0 - password: c2VjcmV0 \ No newline at end of file +apiVersion: v1 +kind: Secret +metadata: + name: gitea-postgresql + namespace: gitea + labels: + app.kubernetes.io/name: postgresql + app.kubernetes.io/instance: gitea +type: Opaque +data: + postgres-password: c2VjcmV0 + password: c2VjcmV0 diff --git a/distros/sandbox/gitea/service-gitea.yaml b/distros/sandbox/gitea/service-gitea.yaml index beb4818..a2011ee 100644 --- a/distros/sandbox/gitea/service-gitea.yaml +++ b/distros/sandbox/gitea/service-gitea.yaml @@ -12,13 +12,13 @@ metadata: spec: type: LoadBalancer ports: - - name: ssh - port: 22 - targetPort: 22 - protocol: TCP - - name: http - port: 3000 - targetPort: 3000 + - name: ssh + port: 22 + targetPort: 22 + protocol: TCP + - name: http + port: 3000 + targetPort: 3000 selector: app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea diff --git a/distros/sandbox/metallb-sandbox-config/ipaddresspool.yaml b/distros/sandbox/metallb-sandbox-config/ipaddresspool.yaml index 1b633b0..bc7e3bc 100644 --- a/distros/sandbox/metallb-sandbox-config/ipaddresspool.yaml +++ b/distros/sandbox/metallb-sandbox-config/ipaddresspool.yaml @@ -5,4 +5,4 @@ metadata: namespace: metallb-system spec: addresses: - - 172.18.0.0/20 + - 172.18.0.0/20 diff --git a/distros/sandbox/metallb/metallb-native.yaml b/distros/sandbox/metallb/metallb-native.yaml index 5cb6391..a2c63e3 100644 --- a/distros/sandbox/metallb/metallb-native.yaml +++ b/distros/sandbox/metallb/metallb-native.yaml @@ -24,8 +24,8 @@ spec: namespace: metallb-system path: /convert conversionReviewVersions: - - v1alpha1 - - v1beta1 + - v1alpha1 + - v1beta1 group: metallb.io names: kind: AddressPool 
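Review bot: The `data` block of `distros/sandbox/gitea/secret-postgresql.yaml` still carries `postgres-password: c2VjcmV0` and `password: c2VjcmV0`, which is just the base64 encoding of the string `secret`. Presumably these are the PostgreSQL admin and application passwords, which makes them a guessable default readable by anyone with the repository. This hunk only re-indents the manifest and adds the missing final newline, so the credential is carried over unchanged. Since the whole file is rewritten here, consider dropping the values from git and having the sandbox bootstrap generate them, or at minimum adding a comment above `data:` such as `# sandbox-only default credential, never reuse outside a local test cluster`. Base64 in a Secret is an encoding, not protection, and the value stays in git history even after a later rotation.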
@@ -34,184 +34,152 @@ spec: singular: addresspool scope: Namespaced versions: - - deprecated: true - deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated - name: v1alpha1 - schema: - openAPIV3Schema: - description: AddressPool is the Schema for the addresspools API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AddressPoolSpec defines the desired state of AddressPool. - properties: - addresses: - description: A list of IP address ranges over which MetalLB has authority. - You can list multiple ranges in a single pool, they will all share - the same settings. Each range can be either a CIDR prefix, or an - explicit start-end range of IPs. - items: + - deprecated: true + deprecationWarning: metallb.io v1alpha1 AddressPool is deprecated + name: v1alpha1 + schema: + openAPIV3Schema: + description: AddressPool is the Schema for the addresspools API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AddressPoolSpec defines the desired state of AddressPool. + properties: + addresses: + description: A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool, they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. + items: + type: string + type: array + autoAssign: + default: true + description: AutoAssign flag used to prevent MetallB from automatic allocation for a pool. + type: boolean + bgpAdvertisements: + description: When an IP is allocated from this pool, how should it be translated into BGP announcements? + items: + properties: + aggregationLength: + default: 32 + description: The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. + format: int32 + minimum: 1 + type: integer + aggregationLengthV6: + default: 128 + description: Optional, defaults to 128 (i.e. no aggregation) if not specified. + format: int32 + type: integer + communities: + description: BGP communities + items: + type: string + type: array + localPref: + description: BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. + format: int32 + type: integer + type: object + type: array + protocol: + description: Protocol can be used to select how the announcement is done. 
+ enum: + - layer2 + - bgp type: string - type: array - autoAssign: - default: true - description: AutoAssign flag used to prevent MetallB from automatic - allocation for a pool. - type: boolean - bgpAdvertisements: - description: When an IP is allocated from this pool, how should it - be translated into BGP announcements? - items: - properties: - aggregationLength: - default: 32 - description: The aggregation-length advertisement option lets - you “roll up” the /32s into a larger prefix. - format: int32 - minimum: 1 - type: integer - aggregationLengthV6: - default: 128 - description: Optional, defaults to 128 (i.e. no aggregation) - if not specified. - format: int32 - type: integer - communities: - description: BGP communities - items: - type: string - type: array - localPref: - description: BGP LOCAL_PREF attribute which is used by BGP best - path algorithm, Path with higher localpref is preferred over - one with lower localpref. - format: int32 - type: integer - type: object - type: array - protocol: - description: Protocol can be used to select how the announcement is - done. - enum: - - layer2 - - bgp - type: string - required: - - addresses - - protocol - type: object - status: - description: AddressPoolStatus defines the observed state of AddressPool. - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - deprecated: true - deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using - IPAddressPool - name: v1beta1 - schema: - openAPIV3Schema: - description: AddressPool represents a pool of IP addresses that can be allocated - to LoadBalancer services. AddressPool is deprecated and being replaced by - IPAddressPool. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AddressPoolSpec defines the desired state of AddressPool. - properties: - addresses: - description: A list of IP address ranges over which MetalLB has authority. - You can list multiple ranges in a single pool, they will all share - the same settings. Each range can be either a CIDR prefix, or an - explicit start-end range of IPs. - items: + required: + - addresses + - protocol + type: object + status: + description: AddressPoolStatus defines the observed state of AddressPool. + type: object + required: + - spec + type: object + served: true + storage: false + subresources: + status: {} + - deprecated: true + deprecationWarning: metallb.io v1beta1 AddressPool is deprecated, consider using IPAddressPool + name: v1beta1 + schema: + openAPIV3Schema: + description: AddressPool represents a pool of IP addresses that can be allocated to LoadBalancer services. AddressPool is deprecated and being replaced by IPAddressPool. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AddressPoolSpec defines the desired state of AddressPool. + properties: + addresses: + description: A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool, they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. + items: + type: string + type: array + autoAssign: + default: true + description: AutoAssign flag used to prevent MetallB from automatic allocation for a pool. + type: boolean + bgpAdvertisements: + description: Drives how an IP allocated from this pool should translated into BGP announcements. + items: + properties: + aggregationLength: + default: 32 + description: The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. + format: int32 + minimum: 1 + type: integer + aggregationLengthV6: + default: 128 + description: Optional, defaults to 128 (i.e. no aggregation) if not specified. + format: int32 + type: integer + communities: + description: BGP communities to be associated with the given advertisement. + items: + type: string + type: array + localPref: + description: BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. + format: int32 + type: integer + type: object + type: array + protocol: + description: Protocol can be used to select how the announcement is done. + enum: + - layer2 + - bgp type: string - type: array - autoAssign: - default: true - description: AutoAssign flag used to prevent MetallB from automatic - allocation for a pool. - type: boolean - bgpAdvertisements: - description: Drives how an IP allocated from this pool should translated - into BGP announcements. 
- items: - properties: - aggregationLength: - default: 32 - description: The aggregation-length advertisement option lets - you “roll up” the /32s into a larger prefix. - format: int32 - minimum: 1 - type: integer - aggregationLengthV6: - default: 128 - description: Optional, defaults to 128 (i.e. no aggregation) - if not specified. - format: int32 - type: integer - communities: - description: BGP communities to be associated with the given - advertisement. - items: - type: string - type: array - localPref: - description: BGP LOCAL_PREF attribute which is used by BGP best - path algorithm, Path with higher localpref is preferred over - one with lower localpref. - format: int32 - type: integer - type: object - type: array - protocol: - description: Protocol can be used to select how the announcement is - done. - enum: - - layer2 - - bgp - type: string - required: - - addresses - - protocol - type: object - status: - description: AddressPoolStatus defines the observed state of AddressPool. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} + required: + - addresses + - protocol + type: object + status: + description: AddressPoolStatus defines the observed state of AddressPool. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -229,96 +197,80 @@ spec: singular: bfdprofile scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.passiveMode - name: Passive Mode - type: boolean - - jsonPath: .spec.transmitInterval - name: Transmit Interval - type: integer - - jsonPath: .spec.receiveInterval - name: Receive Interval - type: integer - - jsonPath: .spec.detectMultiplier - name: Multiplier - type: integer - name: v1beta1 - schema: - openAPIV3Schema: - description: BFDProfile represents the settings of the bfd session that can - be optionally associated with a BGP session. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BFDProfileSpec defines the desired state of BFDProfile. - properties: - detectMultiplier: - description: Configures the detection multiplier to determine packet - loss. The remote transmission interval will be multiplied by this - value to determine the connection loss detection timer. - format: int32 - maximum: 255 - minimum: 2 - type: integer - echoInterval: - description: Configures the minimal echo receive transmission interval - that this system is capable of handling in milliseconds. Defaults - to 50ms - format: int32 - maximum: 60000 - minimum: 10 - type: integer - echoMode: - description: Enables or disables the echo transmission mode. 
This - mode is disabled by default, and not supported on multi hops setups. - type: boolean - minimumTtl: - description: 'For multi hop sessions only: configure the minimum expected - TTL for an incoming BFD control packet.' - format: int32 - maximum: 254 - minimum: 1 - type: integer - passiveMode: - description: 'Mark session as passive: a passive session will not - attempt to start the connection and will wait for control packets - from peer before it begins replying.' - type: boolean - receiveInterval: - description: The minimum interval that this system is capable of receiving - control packets in milliseconds. Defaults to 300ms. - format: int32 - maximum: 60000 - minimum: 10 - type: integer - transmitInterval: - description: The minimum transmission interval (less jitter) that - this system wants to use to send BFD control packets in milliseconds. - Defaults to 300ms - format: int32 - maximum: 60000 - minimum: 10 - type: integer - type: object - status: - description: BFDProfileStatus defines the observed state of BFDProfile. - type: object - type: object - served: true - storage: true - subresources: - status: {} + - additionalPrinterColumns: + - jsonPath: .spec.passiveMode + name: Passive Mode + type: boolean + - jsonPath: .spec.transmitInterval + name: Transmit Interval + type: integer + - jsonPath: .spec.receiveInterval + name: Receive Interval + type: integer + - jsonPath: .spec.detectMultiplier + name: Multiplier + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: BFDProfile represents the settings of the bfd session that can be optionally associated with a BGP session. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BFDProfileSpec defines the desired state of BFDProfile. + properties: + detectMultiplier: + description: Configures the detection multiplier to determine packet loss. The remote transmission interval will be multiplied by this value to determine the connection loss detection timer. + format: int32 + maximum: 255 + minimum: 2 + type: integer + echoInterval: + description: Configures the minimal echo receive transmission interval that this system is capable of handling in milliseconds. Defaults to 50ms + format: int32 + maximum: 60000 + minimum: 10 + type: integer + echoMode: + description: Enables or disables the echo transmission mode. This mode is disabled by default, and not supported on multi hops setups. + type: boolean + minimumTtl: + description: 'For multi hop sessions only: configure the minimum expected TTL for an incoming BFD control packet.' + format: int32 + maximum: 254 + minimum: 1 + type: integer + passiveMode: + description: 'Mark session as passive: a passive session will not attempt to start the connection and will wait for control packets from peer before it begins replying.' + type: boolean + receiveInterval: + description: The minimum interval that this system is capable of receiving control packets in milliseconds. Defaults to 300ms. + format: int32 + maximum: 60000 + minimum: 10 + type: integer + transmitInterval: + description: The minimum transmission interval (less jitter) that this system wants to use to send BFD control packets in milliseconds. 
Defaults to 300ms + format: int32 + maximum: 60000 + minimum: 10 + type: integer + type: object + status: + description: BFDProfileStatus defines the observed state of BFDProfile. + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -336,197 +288,143 @@ spec: singular: bgpadvertisement scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.ipAddressPools - name: IPAddressPools - type: string - - jsonPath: .spec.ipAddressPoolSelectors - name: IPAddressPool Selectors - type: string - - jsonPath: .spec.peers - name: Peers - type: string - - jsonPath: .spec.nodeSelectors - name: Node Selectors - priority: 10 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: BGPAdvertisement allows to advertise the IPs coming from the - selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement. - properties: - aggregationLength: - default: 32 - description: The aggregation-length advertisement option lets you - “roll up” the /32s into a larger prefix. Defaults to 32. Works for - IPv4 addresses. - format: int32 - minimum: 1 - type: integer - aggregationLengthV6: - default: 128 - description: The aggregation-length advertisement option lets you - “roll up” the /128s into a larger prefix. Defaults to 128. Works - for IPv6 addresses. - format: int32 - type: integer - communities: - description: The BGP communities to be associated with the announcement. 
- Each item can be a community of the form 1234:1234 or the name of - an alias defined in the Community CRD. - items: - type: string - type: array - ipAddressPoolSelectors: - description: A selector for the IPAddressPools which would get advertised - via this advertisement. If no IPAddressPool is selected by this - or by the list, the advertisement is applied to all the IPAddressPools. - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + - additionalPrinterColumns: + - jsonPath: .spec.ipAddressPools + name: IPAddressPools + type: string + - jsonPath: .spec.ipAddressPoolSelectors + name: IPAddressPool Selectors + type: string + - jsonPath: .spec.peers + name: Peers + type: string + - jsonPath: .spec.nodeSelectors + name: Node Selectors + priority: 10 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BGPAdvertisement allows to advertise the IPs coming from the selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BGPAdvertisementSpec defines the desired state of BGPAdvertisement. + properties: + aggregationLength: + default: 32 + description: The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. + format: int32 + minimum: 1 + type: integer + aggregationLengthV6: + default: 128 + description: The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. + format: int32 + type: integer + communities: + description: The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. + items: + type: string + type: array + ipAddressPoolSelectors: + description: A selector for the IPAddressPools which would get advertised via this advertisement. If no IPAddressPool is selected by this or by the list, the advertisement is applied to all the IPAddressPools. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - ipAddressPools: - description: The list of IPAddressPools to advertise via this advertisement, - selected by name. 
- items: - type: string - type: array - localPref: - description: The BGP LOCAL_PREF attribute which is used by BGP best - path algorithm, Path with higher localpref is preferred over one - with lower localpref. - format: int32 - type: integer - nodeSelectors: - description: NodeSelectors allows to limit the nodes to announce as - next hops for the LoadBalancer IP. When empty, all the nodes having are - announced as next hops. - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + type: object + x-kubernetes-map-type: atomic + type: array + ipAddressPools: + description: The list of IPAddressPools to advertise via this advertisement, selected by name. + items: + type: string + type: array + localPref: + description: The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. 
+ format: int32 + type: integer + nodeSelectors: + description: NodeSelectors allows to limit the nodes to announce as next hops for the LoadBalancer IP. When empty, all the nodes having are announced as next hops. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. 
A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - peers: - description: Peers limits the bgppeer to advertise the ips of the - selected pools to. When empty, the loadbalancer IP is announced - to all the BGPPeers configured. - items: - type: string - type: array - type: object - status: - description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement. - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + x-kubernetes-map-type: atomic + type: array + peers: + description: Peers limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. + items: + type: string + type: array + type: object + status: + description: BGPAdvertisementStatus defines the observed state of BGPAdvertisement. + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -545,8 +443,8 @@ spec: namespace: metallb-system path: /convert conversionReviewVersions: - - v1beta1 - - v1beta2 + - v1beta1 + - v1beta2 group: metallb.io names: kind: BGPPeer 
@@ -555,286 +453,248 @@ spec: singular: bgppeer scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.peerAddress - name: Address - type: string - - jsonPath: .spec.peerASN - name: ASN - type: string - - jsonPath: .spec.bfdProfile - name: BFD Profile - type: string - - jsonPath: .spec.ebgpMultiHop - name: Multi Hops - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: BGPPeer is the Schema for the peers API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BGPPeerSpec defines the desired state of Peer. - properties: - bfdProfile: - type: string - ebgpMultiHop: - description: EBGP peer is multi-hops away - type: boolean - holdTime: - description: Requested BGP hold time, per RFC4271. - type: string - keepaliveTime: - description: Requested BGP keepalive time, per RFC4271. - type: string - myASN: - description: AS number to use for the local end of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - nodeSelectors: - description: Only connect to this peer on nodes that match one of - these selectors. 
- items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: + - additionalPrinterColumns: + - jsonPath: .spec.peerAddress + name: Address + type: string + - jsonPath: .spec.peerASN + name: ASN + type: string + - jsonPath: .spec.bfdProfile + name: BFD Profile + type: string + - jsonPath: .spec.ebgpMultiHop + name: Multi Hops + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: BGPPeer is the Schema for the peers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BGPPeerSpec defines the desired state of Peer. + properties: + bfdProfile: + type: string + ebgpMultiHop: + description: EBGP peer is multi-hops away + type: boolean + holdTime: + description: Requested BGP hold time, per RFC4271. + type: string + keepaliveTime: + description: Requested BGP keepalive time, per RFC4271. + type: string + myASN: + description: AS number to use for the local end of the session. + format: int32 + maximum: 4294967295 + minimum: 0 + type: integer + nodeSelectors: + description: Only connect to this peer on nodes that match one of these selectors. 
+ items: + properties: + matchExpressions: + items: + properties: + key: type: string - minItems: 1 - type: array - required: - - key - - operator - - values + operator: + type: string + values: + items: + type: string + minItems: 1 + type: array + required: + - key + - operator + - values + type: object + type: array + matchLabels: + additionalProperties: + type: string type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - type: array - password: - description: Authentication password for routers enforcing TCP MD5 - authenticated sessions - type: string - peerASN: - description: AS number to expect from the remote end of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - peerAddress: - description: Address to dial when establishing the session. - type: string - peerPort: - description: Port to dial when establishing the session. - maximum: 16384 - minimum: 0 - type: integer - routerID: - description: BGP router ID to advertise to the peer - type: string - sourceAddress: - description: Source address to use when establishing the session. - type: string - required: - - myASN - - peerASN - - peerAddress - type: object - status: - description: BGPPeerStatus defines the observed state of Peer. - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.peerAddress - name: Address - type: string - - jsonPath: .spec.peerASN - name: ASN - type: string - - jsonPath: .spec.bfdProfile - name: BFD Profile - type: string - - jsonPath: .spec.ebgpMultiHop - name: Multi Hops - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: BGPPeer is the Schema for the peers API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. 
Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BGPPeerSpec defines the desired state of Peer. - properties: - bfdProfile: - description: The name of the BFD Profile to be used for the BFD session - associated to the BGP session. If not set, the BFD session won't - be set up. - type: string - ebgpMultiHop: - description: To set if the BGPPeer is multi-hops away. Needed for - FRR mode only. - type: boolean - holdTime: - description: Requested BGP hold time, per RFC4271. - type: string - keepaliveTime: - description: Requested BGP keepalive time, per RFC4271. - type: string - myASN: - description: AS number to use for the local end of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - nodeSelectors: - description: Only connect to this peer on nodes that match one of - these selectors. - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. 
- properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + type: object + type: array + password: + description: Authentication password for routers enforcing TCP MD5 authenticated sessions + type: string + peerASN: + description: AS number to expect from the remote end of the session. + format: int32 + maximum: 4294967295 + minimum: 0 + type: integer + peerAddress: + description: Address to dial when establishing the session. + type: string + peerPort: + description: Port to dial when establishing the session. + maximum: 16384 + minimum: 0 + type: integer + routerID: + description: BGP router ID to advertise to the peer + type: string + sourceAddress: + description: Source address to use when establishing the session. + type: string + required: + - myASN + - peerASN + - peerAddress + type: object + status: + description: BGPPeerStatus defines the observed state of Peer. + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.peerAddress + name: Address + type: string + - jsonPath: .spec.peerASN + name: ASN + type: string + - jsonPath: .spec.bfdProfile + name: BFD Profile + type: string + - jsonPath: .spec.ebgpMultiHop + name: Multi Hops + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: BGPPeer is the Schema for the peers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BGPPeerSpec defines the desired state of Peer. + properties: + bfdProfile: + description: The name of the BFD Profile to be used for the BFD session associated to the BGP session. If not set, the BFD session won't be set up. + type: string + ebgpMultiHop: + description: To set if the BGPPeer is multi-hops away. Needed for FRR mode only. + type: boolean + holdTime: + description: Requested BGP hold time, per RFC4271. + type: string + keepaliveTime: + description: Requested BGP keepalive time, per RFC4271. + type: string + myASN: + description: AS number to use for the local end of the session. + format: int32 + maximum: 4294967295 + minimum: 0 + type: integer + nodeSelectors: + description: Only connect to this peer on nodes that match one of these selectors. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. 
type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object + type: object + x-kubernetes-map-type: atomic + type: array + password: + description: Authentication password for routers enforcing TCP MD5 authenticated sessions + type: string + passwordSecret: + description: passwordSecret is name of the authentication secret for BGP Peer. the secret must be of type "kubernetes.io/basic-auth", and created in the same namespace as the MetalLB deployment. The password is stored in the secret as the key "password". + properties: + name: + description: name is unique within a namespace to reference a secret resource. + type: string + namespace: + description: namespace defines the space within which the secret name must be unique. 
+ type: string type: object x-kubernetes-map-type: atomic - type: array - password: - description: Authentication password for routers enforcing TCP MD5 - authenticated sessions - type: string - passwordSecret: - description: passwordSecret is name of the authentication secret for - BGP Peer. the secret must be of type "kubernetes.io/basic-auth", - and created in the same namespace as the MetalLB deployment. The - password is stored in the secret as the key "password". - properties: - name: - description: name is unique within a namespace to reference a - secret resource. - type: string - namespace: - description: namespace defines the space within which the secret - name must be unique. - type: string - type: object - x-kubernetes-map-type: atomic - peerASN: - description: AS number to expect from the remote end of the session. - format: int32 - maximum: 4294967295 - minimum: 0 - type: integer - peerAddress: - description: Address to dial when establishing the session. - type: string - peerPort: - default: 179 - description: Port to dial when establishing the session. - maximum: 16384 - minimum: 0 - type: integer - routerID: - description: BGP router ID to advertise to the peer - type: string - sourceAddress: - description: Source address to use when establishing the session. - type: string - vrf: - description: To set if we want to peer with the BGPPeer using an interface - belonging to a host vrf - type: string - required: - - myASN - - peerASN - - peerAddress - type: object - status: - description: BGPPeerStatus defines the observed state of Peer. - type: object - type: object - served: true - storage: true - subresources: - status: {} + peerASN: + description: AS number to expect from the remote end of the session. + format: int32 + maximum: 4294967295 + minimum: 0 + type: integer + peerAddress: + description: Address to dial when establishing the session. + type: string + peerPort: + default: 179 + description: Port to dial when establishing the session. 
+ maximum: 16384 + minimum: 0 + type: integer + routerID: + description: BGP router ID to advertise to the peer + type: string + sourceAddress: + description: Source address to use when establishing the session. + type: string + vrf: + description: To set if we want to peer with the BGPPeer using an interface belonging to a host vrf + type: string + required: + - myASN + - peerASN + - peerAddress + type: object + status: + description: BGPPeerStatus defines the observed state of Peer. + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -852,48 +712,42 @@ spec: singular: community scope: Namespaced versions: - - name: v1beta1 - schema: - openAPIV3Schema: - description: Community is a collection of aliases for communities. Users can - define named aliases to be used in the BGPPeer CRD. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CommunitySpec defines the desired state of Community. - properties: - communities: - items: - properties: - name: - description: The name of the alias for the community. - type: string - value: - description: The BGP community value corresponding to the given - name. - type: string - type: object - type: array - type: object - status: - description: CommunityStatus defines the observed state of Community. - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1beta1 + schema: + openAPIV3Schema: + description: Community is a collection of aliases for communities. Users can define named aliases to be used in the BGPPeer CRD. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CommunitySpec defines the desired state of Community. + properties: + communities: + items: + properties: + name: + description: The name of the alias for the community. + type: string + value: + description: The BGP community value corresponding to the given name. + type: string + type: object + type: array + type: object + status: + description: CommunityStatus defines the observed state of Community. + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -911,194 +765,138 @@ spec: singular: ipaddresspool scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.autoAssign - name: Auto Assign - type: boolean - - jsonPath: .spec.avoidBuggyIPs - name: Avoid Buggy IPs - type: boolean - - jsonPath: .spec.addresses - name: Addresses - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: IPAddressPool represents a pool of IP addresses that can be allocated - to LoadBalancer services. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressPoolSpec defines the desired state of IPAddressPool. - properties: - addresses: - description: A list of IP address ranges over which MetalLB has authority. - You can list multiple ranges in a single pool, they will all share - the same settings. Each range can be either a CIDR prefix, or an - explicit start-end range of IPs. - items: - type: string - type: array - autoAssign: - default: true - description: AutoAssign flag used to prevent MetallB from automatic - allocation for a pool. - type: boolean - avoidBuggyIPs: - default: false - description: AvoidBuggyIPs prevents addresses ending with .0 and .255 - to be used by a pool. - type: boolean - serviceAllocation: - description: AllocateTo makes ip pool allocation to specific namespace - and/or service. 
The controller will use the pool with lowest value - of priority in case of multiple matches. A pool with no priority - set will be used only if the pools with priority can't be used. - If multiple matching IPAddressPools are available it will check - for the availability of IPs sorting the matching IPAddressPools - by priority, starting from the highest to the lowest. If multiple - IPAddressPools have the same priority, choice will be random. - properties: - namespaceSelectors: - description: NamespaceSelectors list of label selectors to select - namespace(s) for ip pool, an alternative to using namespace - list. - items: - description: A label selector is a label query over a set of - resources. The result of matchLabels and matchExpressions - are ANDed. An empty label selector matches all objects. A - null label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists or - DoesNotExist, the values array must be empty. This - array is replaced during a strategic merge patch. 
- items: + - additionalPrinterColumns: + - jsonPath: .spec.autoAssign + name: Auto Assign + type: boolean + - jsonPath: .spec.avoidBuggyIPs + name: Avoid Buggy IPs + type: boolean + - jsonPath: .spec.addresses + name: Addresses + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddressPool represents a pool of IP addresses that can be allocated to LoadBalancer services. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressPoolSpec defines the desired state of IPAddressPool. + properties: + addresses: + description: A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool, they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. + items: + type: string + type: array + autoAssign: + default: true + description: AutoAssign flag used to prevent MetallB from automatic allocation for a pool. + type: boolean + avoidBuggyIPs: + default: false + description: AvoidBuggyIPs prevents addresses ending with .0 and .255 to be used by a pool. + type: boolean + serviceAllocation: + description: AllocateTo makes ip pool allocation to specific namespace and/or service. The controller will use the pool with lowest value of priority in case of multiple matches. 
A pool with no priority set will be used only if the pools with priority can't be used. If multiple matching IPAddressPools are available it will check for the availability of IPs sorting the matching IPAddressPools by priority, starting from the highest to the lowest. If multiple IPAddressPools have the same priority, choice will be random. + properties: + namespaceSelectors: + description: NamespaceSelectors list of label selectors to select namespace(s) for ip pool, an alternative to using namespace list. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". 
The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - namespaces: - description: Namespaces list of namespace(s) on which ip pool - can be attached. - items: - type: string - type: array - priority: - description: Priority priority given for ip pool while ip allocation - on a service. - type: integer - serviceSelectors: - description: ServiceSelectors list of label selector to select - service(s) for which ip pool can be used for ip allocation. - items: - description: A label selector is a label query over a set of - resources. The result of matchLabels and matchExpressions - are ANDed. An empty label selector matches all objects. A - null label selector matches no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists or - DoesNotExist, the values array must be empty. This - array is replaced during a strategic merge patch. 
- items: + type: object + x-kubernetes-map-type: atomic + type: array + namespaces: + description: Namespaces list of namespace(s) on which ip pool can be attached. + items: + type: string + type: array + priority: + description: Priority priority given for ip pool while ip allocation on a service. + type: integer + serviceSelectors: + description: ServiceSelectors list of label selector to select service(s) for which ip pool can be used for ip allocation. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - type: object - required: - - addresses - type: object - status: - description: IPAddressPoolStatus defines the observed state of IPAddressPool. - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} + type: object + x-kubernetes-map-type: atomic + type: array + type: object + required: + - addresses + type: object + status: + description: IPAddressPoolStatus defines the observed state of IPAddressPool. + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -1116,169 +914,123 @@ spec: singular: l2advertisement scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.ipAddressPools - name: IPAddressPools - type: string - - jsonPath: .spec.ipAddressPoolSelectors - name: IPAddressPool Selectors - type: string - - jsonPath: .spec.interfaces - name: Interfaces - type: string - - jsonPath: .spec.nodeSelectors - name: Node Selectors - priority: 10 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: L2Advertisement allows to advertise the LoadBalancer IPs provided - by the selected pools via L2. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: L2AdvertisementSpec defines the desired state of L2Advertisement. - properties: - interfaces: - description: A list of interfaces to announce from. The LB IP will - be announced only from these interfaces. If the field is not set, - we advertise from all the interfaces on the host. - items: - type: string - type: array - ipAddressPoolSelectors: - description: A selector for the IPAddressPools which would get advertised - via this advertisement. If no IPAddressPool is selected by this - or by the list, the advertisement is applied to all the IPAddressPools. - items: - description: A label selector is a label query over a set of resources. 
- The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + - additionalPrinterColumns: + - jsonPath: .spec.ipAddressPools + name: IPAddressPools + type: string + - jsonPath: .spec.ipAddressPoolSelectors + name: IPAddressPool Selectors + type: string + - jsonPath: .spec.interfaces + name: Interfaces + type: string + - jsonPath: .spec.nodeSelectors + name: Node Selectors + priority: 10 + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: L2Advertisement allows to advertise the LoadBalancer IPs provided by the selected pools via L2. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: L2AdvertisementSpec defines the desired state of L2Advertisement. + properties: + interfaces: + description: A list of interfaces to announce from. The LB IP will be announced only from these interfaces. If the field is not set, we advertise from all the interfaces on the host. + items: + type: string + type: array + ipAddressPoolSelectors: + description: A selector for the IPAddressPools which would get advertised via this advertisement. If no IPAddressPool is selected by this or by the list, the advertisement is applied to all the IPAddressPools. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - ipAddressPools: - description: The list of IPAddressPools to advertise via this advertisement, - selected by name. - items: - type: string - type: array - nodeSelectors: - description: NodeSelectors allows to limit the nodes to announce as - next hops for the LoadBalancer IP. When empty, all the nodes having are - announced as next hops. - items: - description: A label selector is a label query over a set of resources. - The result of matchLabels and matchExpressions are ANDed. An empty - label selector matches all objects. A null label selector matches - no objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the - key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. 
- type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a - strategic merge patch. - items: + type: object + x-kubernetes-map-type: atomic + type: array + ipAddressPools: + description: The list of IPAddressPools to advertise via this advertisement, selected by name. + items: + type: string + type: array + nodeSelectors: + description: NodeSelectors allows to limit the nodes to announce as next hops for the LoadBalancer IP. When empty, all the nodes having are announced as next hops. + items: + description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: array - type: object - status: - description: L2AdvertisementStatus defines the observed state of L2Advertisement. - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + x-kubernetes-map-type: atomic + type: array + type: object + status: + description: L2AdvertisementStatus defines the observed state of L2Advertisement. + type: object + type: object + served: true + storage: true + subresources: + status: {} --- apiVersion: v1 kind: ServiceAccount 
@@ -1304,89 +1056,89 @@ metadata: name: controller namespace: metallb-system rules: -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resourceNames: - - memberlist - resources: - - secrets - verbs: - - list -- apiGroups: - - apps - resourceNames: - - controller - resources: - - deployments - verbs: - - get -- apiGroups: - - metallb.io - resources: - - bgppeers - verbs: - - get - - list -- apiGroups: - - metallb.io - resources: - - addresspools - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - bfdprofiles - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - ipaddresspools - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - bgpadvertisements - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - l2advertisements - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - communities - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resourceNames: + - memberlist + resources: + - secrets + verbs: + - list + - apiGroups: + - apps + resourceNames: + - controller + resources: + - deployments + verbs: + - get + - apiGroups: + - metallb.io + resources: + - bgppeers + verbs: + - get + - list + - apiGroups: + - metallb.io + resources: + - addresspools + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - bfdprofiles + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - ipaddresspools + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - bgpadvertisements + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - l2advertisements + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + 
resources: + - communities + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -1396,76 +1148,76 @@ metadata: name: pod-lister namespace: metallb-system rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - list -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - addresspools - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - bfdprofiles - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - bgppeers - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - l2advertisements - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - bgpadvertisements - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - ipaddresspools - verbs: - - get - - list - - watch -- apiGroups: - - metallb.io - resources: - - communities - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - list + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - addresspools + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - bfdprofiles + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - bgppeers + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - l2advertisements + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - bgpadvertisements + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - ipaddresspools + verbs: + - get + - list + - watch + - apiGroups: + - metallb.io + resources: + - communities + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole 
@@ -1474,86 +1226,86 @@ metadata: app: metallb name: metallb-system:controller rules: -- apiGroups: - - "" - resources: - - services - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - services/status - verbs: - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resourceNames: - - controller - resources: - - podsecuritypolicies - verbs: - - use -- apiGroups: - - admissionregistration.k8s.io - resourceNames: - - metallb-webhook-configuration - resources: - - validatingwebhookconfigurations - - mutatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - - mutatingwebhookconfigurations - verbs: - - list - - watch -- apiGroups: - - apiextensions.k8s.io - resourceNames: - - addresspools.metallb.io - - bfdprofiles.metallb.io - - bgpadvertisements.metallb.io - - bgppeers.metallb.io - - ipaddresspools.metallb.io - - l2advertisements.metallb.io - - communities.metallb.io - resources: - - customresourcedefinitions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - list - - watch + - apiGroups: + - "" + resources: + - services + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - policy + resourceNames: + - controller + resources: + - podsecuritypolicies + verbs: + - use + - apiGroups: + - admissionregistration.k8s.io + resourceNames: + - metallb-webhook-configuration + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - 
admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - list + - watch + - apiGroups: + - apiextensions.k8s.io + resourceNames: + - addresspools.metallb.io + - bfdprofiles.metallb.io + - bgpadvertisements.metallb.io + - bgppeers.metallb.io + - ipaddresspools.metallb.io + - l2advertisements.metallb.io + - communities.metallb.io + resources: + - customresourcedefinitions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -1562,40 +1314,40 @@ metadata: app: metallb name: metallb-system:speaker rules: -- apiGroups: - - "" - resources: - - services - - endpoints - - nodes - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - discovery.k8s.io - resources: - - endpointslices - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - policy - resourceNames: - - speaker - resources: - - podsecuritypolicies - verbs: - - use + - apiGroups: + - "" + resources: + - services + - endpoints + - nodes + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - policy + resourceNames: + - speaker + resources: + - podsecuritypolicies + verbs: + - use --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -1609,9 +1361,9 @@ roleRef: kind: Role name: controller subjects: -- kind: ServiceAccount - name: controller - namespace: metallb-system + - kind: ServiceAccount + name: controller + namespace: metallb-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding 
@@ -1625,9 +1377,9 @@ roleRef: kind: Role name: pod-lister subjects: -- kind: ServiceAccount - name: speaker - namespace: metallb-system + - kind: ServiceAccount + name: speaker + namespace: metallb-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -1640,9 +1392,9 @@ roleRef: kind: ClusterRole name: metallb-system:controller subjects: -- kind: ServiceAccount - name: controller - namespace: metallb-system + - kind: ServiceAccount + name: controller + namespace: metallb-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -1655,9 +1407,9 @@ roleRef: kind: ClusterRole name: metallb-system:speaker subjects: -- kind: ServiceAccount - name: speaker - namespace: metallb-system + - kind: ServiceAccount + name: speaker + namespace: metallb-system --- apiVersion: v1 kind: Secret @@ -1672,8 +1424,8 @@ metadata: namespace: metallb-system spec: ports: - - port: 443 - targetPort: 9443 + - port: 443 + targetPort: 9443 selector: component: controller --- 
@@ -1701,50 +1453,50 @@ spec: component: controller spec: containers: - - args: - - --port=7472 - - --log-level=info - env: - - name: METALLB_ML_SECRET_NAME - value: memberlist - - name: METALLB_DEPLOYMENT - value: controller - image: quay.io/metallb/controller:v0.13.9 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /metrics - port: monitoring - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: controller - ports: - - containerPort: 7472 - name: monitoring - - containerPort: 9443 - name: webhook-server - protocol: TCP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /metrics - port: monitoring - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - all - readOnlyRootFilesystem: true - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true + - args: + - --port=7472 + - --log-level=info + env: + - name: METALLB_ML_SECRET_NAME + value: memberlist + - name: METALLB_DEPLOYMENT + value: controller + image: quay.io/metallb/controller:v0.13.9 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: monitoring + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 7472 + name: monitoring + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: monitoring + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true nodeSelector: kubernetes.io/os: linux securityContext: 
@@ -1754,10 +1506,10 @@ spec: serviceAccountName: controller terminationGracePeriodSeconds: 0 volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert --- apiVersion: apps/v1 kind: DaemonSet 
@@ -1782,83 +1534,83 @@ spec: component: speaker spec: containers: - - args: - - --port=7472 - - --log-level=info - env: - - name: METALLB_NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: METALLB_HOST - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: METALLB_ML_BIND_ADDR - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: METALLB_ML_LABELS - value: app=metallb,component=speaker - - name: METALLB_ML_SECRET_KEY_PATH - value: /etc/ml_secret_key - image: quay.io/metallb/speaker:v0.13.9 - livenessProbe: - failureThreshold: 3 - httpGet: - path: /metrics - port: monitoring - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - name: speaker - ports: - - containerPort: 7472 - name: monitoring - - containerPort: 7946 - name: memberlist-tcp - - containerPort: 7946 - name: memberlist-udp - protocol: UDP - readinessProbe: - failureThreshold: 3 - httpGet: - path: /metrics - port: monitoring - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - add: - - NET_RAW - drop: - - ALL - readOnlyRootFilesystem: true - volumeMounts: - - mountPath: /etc/ml_secret_key - name: memberlist - readOnly: true + - args: + - --port=7472 + - --log-level=info + env: + - name: METALLB_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: METALLB_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: METALLB_ML_BIND_ADDR + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: METALLB_ML_LABELS + value: app=metallb,component=speaker + - name: METALLB_ML_SECRET_KEY_PATH + value: /etc/ml_secret_key + image: quay.io/metallb/speaker:v0.13.9 + livenessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: monitoring + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: speaker + ports: + - containerPort: 7472 + name: monitoring + - 
containerPort: 7946 + name: memberlist-tcp + - containerPort: 7946 + name: memberlist-udp + protocol: UDP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /metrics + port: monitoring + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_RAW + drop: + - ALL + readOnlyRootFilesystem: true + volumeMounts: + - mountPath: /etc/ml_secret_key + name: memberlist + readOnly: true hostNetwork: true nodeSelector: kubernetes.io/os: linux serviceAccountName: speaker terminationGracePeriodSeconds: 2 tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - operator: Exists - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane - operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/master + operator: Exists + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + operator: Exists volumes: - - name: memberlist - secret: - defaultMode: 420 - secretName: memberlist + - name: memberlist + secret: + defaultMode: 420 + secretName: memberlist --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration 
@@ -1866,143 +1618,143 @@ metadata: creationTimestamp: null name: metallb-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta2-bgppeer - failurePolicy: Fail - name: bgppeersvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta2 - operations: - - CREATE - - UPDATE - resources: - - bgppeers - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-addresspool - failurePolicy: Fail - name: addresspoolvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - addresspools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-bfdprofile - failurePolicy: Fail - name: bfdprofilevalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - DELETE - resources: - - bfdprofiles - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-bgpadvertisement - failurePolicy: Fail - name: bgpadvertisementvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - bgpadvertisements - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-community - failurePolicy: Fail - name: communityvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - 
communities - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-ipaddresspool - failurePolicy: Fail - name: ipaddresspoolvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - ipaddresspools - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: webhook-service - namespace: metallb-system - path: /validate-metallb-io-v1beta1-l2advertisement - failurePolicy: Fail - name: l2advertisementvalidationwebhook.metallb.io - rules: - - apiGroups: - - metallb.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - l2advertisements - sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta2-bgppeer + failurePolicy: Fail + name: bgppeersvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta2 + operations: + - CREATE + - UPDATE + resources: + - bgppeers + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-addresspool + failurePolicy: Fail + name: addresspoolvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - addresspools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-bfdprofile + failurePolicy: Fail + name: bfdprofilevalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - DELETE + resources: + - bfdprofiles + sideEffects: None + - admissionReviewVersions: + - v1 
+ clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-bgpadvertisement + failurePolicy: Fail + name: bgpadvertisementvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - bgpadvertisements + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-community + failurePolicy: Fail + name: communityvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - communities + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-ipaddresspool + failurePolicy: Fail + name: ipaddresspoolvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - ipaddresspools + sideEffects: None + - admissionReviewVersions: + - v1 + clientConfig: + service: + name: webhook-service + namespace: metallb-system + path: /validate-metallb-io-v1beta1-l2advertisement + failurePolicy: Fail + name: l2advertisementvalidationwebhook.metallb.io + rules: + - apiGroups: + - metallb.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - l2advertisements + sideEffects: None diff --git a/distros/sandbox/network/vpc-cu-e1.yaml b/distros/sandbox/network/vpc-cu-e1.yaml index 1b3a39a..57a2d2c 100644 --- a/distros/sandbox/network/vpc-cu-e1.yaml +++ b/distros/sandbox/network/vpc-cu-e1.yaml 
@@ -5,22 +5,22 @@ metadata:
 spec:
 topology: nephio
 routingTables:
- - name: vpc-cu-e1
- prefixes:
- - prefix: 172:4::/32
- labels:
- nephio.org/network-name: e1
- - prefix: 172.4.0.0/16
- labels:
- nephio.org/network-name: e1
- interfaces:
- - kind: bridgedomain
- bridgeDomainName: vpc-cu-e1
- bridgeDomains:
- - name: vpc-cu-e1
- interfaces:
- - kind: interface
- selector:
- matchExpressions:
- - {key: nephio.org/cluster-name, operator: Exists}
- attachmentType: vlan
+ - name: vpc-cu-e1
+ prefixes:
+ - prefix: 172:4::/32
+ labels:
+ nephio.org/network-name: e1
+ - prefix: 172.4.0.0/16
+ labels:
+ nephio.org/network-name: e1
+ interfaces:
+ - kind: bridgedomain
+ bridgeDomainName: vpc-cu-e1
+ bridgeDomains:
+ - name: vpc-cu-e1
+ interfaces:
+ - kind: interface
+ selector:
+ matchExpressions:
+ - {key: nephio.org/cluster-name, operator: Exists}
+ attachmentType: vlan
diff --git a/distros/sandbox/network/vpc-cudu-f1.yaml b/distros/sandbox/network/vpc-cudu-f1.yaml
index d9df99d..aa69084 100644
--- a/distros/sandbox/network/vpc-cudu-f1.yaml
+++ b/distros/sandbox/network/vpc-cudu-f1.yaml
@@ -5,22 +5,22 @@ metadata:
 spec:
 topology: nephio
 routingTables:
- - name: vpc-cudu-f1
- prefixes:
- - prefix: 172:5::/32
- labels:
- nephio.org/network-name: f1
- - prefix: 172.5.0.0/16
- labels:
- nephio.org/network-name: f1
- interfaces:
- - kind: bridgedomain
- bridgeDomainName: vpc-cudu-f1
- bridgeDomains:
- - name: vpc-cudu-f1
- interfaces:
- - kind: interface
- selector:
- matchExpressions:
- - {key: nephio.org/cluster-name, operator: Exists}
- attachmentType: vlan
+ - name: vpc-cudu-f1
+ prefixes:
+ - prefix: 172:5::/32
+ labels:
+ nephio.org/network-name: f1
+ - prefix: 172.5.0.0/16
+ labels:
+ nephio.org/network-name: f1
+ interfaces:
+ - kind: bridgedomain
+ bridgeDomainName: vpc-cudu-f1
+ bridgeDomains:
+ - name: vpc-cudu-f1
+ interfaces:
+ - kind: interface
+ selector:
+ matchExpressions:
+ - {key: nephio.org/cluster-name, operator: Exists}
+ attachmentType: vlan
diff --git a/distros/sandbox/network/vpc-internal.yaml b/distros/sandbox/network/vpc-internal.yaml
index 8871a11..c27c1ae 100644
--- a/distros/sandbox/network/vpc-internal.yaml
+++ b/distros/sandbox/network/vpc-internal.yaml
@@ -5,18 +5,18 @@ metadata:
 spec:
 topology: nephio
 routingTables:
- - name: vpc-internal
- prefixes:
- - prefix: 172:1::/32
- - prefix: 172.1.0.0/16
- interfaces:
- - kind: bridgedomain
- bridgeDomainName: vpc-internal
- bridgeDomains:
- - name: vpc-internal
- interfaces:
- - kind: interface
- selector:
- matchExpressions:
- - {key: nephio.org/cluster-name, operator: Exists}
- attachmentType: vlan
+ - name: vpc-internal
+ prefixes:
+ - prefix: 172:1::/32
+ - prefix: 172.1.0.0/16
+ interfaces:
+ - kind: bridgedomain
+ bridgeDomainName: vpc-internal
+ bridgeDomains:
+ - name: vpc-internal
+ interfaces:
+ - kind: interface
+ selector:
+ matchExpressions:
+ - {key: nephio.org/cluster-name, operator: Exists}
+ attachmentType: vlan
diff --git a/distros/sandbox/network/vpc-internet.yaml b/distros/sandbox/network/vpc-internet.yaml
index 30550d2..1306e31 100644
--- a/distros/sandbox/network/vpc-internet.yaml
+++ b/distros/sandbox/network/vpc-internet.yaml
@@ -5,24 +5,24 @@ metadata:
 spec:
 topology: nephio
 routingTables:
- - name: vpc-internet
- prefixes:
- - prefix: 172::/32
- - prefix: 172.0.0.0/16
- - prefix: 1000::/32
- labels:
- nephio.org/prefix-kind: pool
- - prefix: 10.0.0.0/8
- labels:
- nephio.org/prefix-kind: pool
- interfaces:
- - kind: bridgedomain
- bridgeDomainName: vpc-internet
- bridgeDomains:
- - name: vpc-internet
- interfaces:
- - kind: interface
- selector:
- matchExpressions:
- - {key: nephio.org/cluster-name, operator: Exists}
- attachmentType: vlan
+ - name: vpc-internet
+ prefixes:
+ - prefix: 172::/32
+ - prefix: 172.0.0.0/16
+ - prefix: 1000::/32
+ labels:
+ nephio.org/prefix-kind: pool
+ - prefix: 10.0.0.0/8
+ labels:
+ nephio.org/prefix-kind: pool
+ interfaces:
+ - kind: bridgedomain
+ bridgeDomainName: vpc-internet
+ bridgeDomains:
+ - name: vpc-internet
+ interfaces:
+ - kind: interface
+ selector:
+ matchExpressions:
+ - {key: nephio.org/cluster-name, operator: Exists}
+ attachmentType: vlan
diff --git a/distros/sandbox/network/vpc-ran.yaml b/distros/sandbox/network/vpc-ran.yaml
index a9005db..26c8bd8 100644
--- a/distros/sandbox/network/vpc-ran.yaml
+++ b/distros/sandbox/network/vpc-ran.yaml
@@ -5,28 +5,28 @@ metadata:
 spec:
 topology: nephio
 routingTables:
- - name: vpc-ran
- prefixes:
- - prefix: 172:2::/32
- labels:
- nephio.org/network-name: n2
- - prefix: 172.2.0.0/16
- labels:
- nephio.org/network-name: n2
- - prefix: 172:3::/32
- labels:
- nephio.org/network-name: n3
- - prefix: 172.3.0.0/16
- labels:
- nephio.org/network-name: n3
- interfaces:
- - kind: bridgedomain
- bridgeDomainName: vpc-ran
- bridgeDomains:
- - name: vpc-ran
- interfaces:
- - kind: interface
- selector:
- matchExpressions:
- - {key: nephio.org/cluster-name, operator: Exists}
- attachmentType: vlan
+ - name: vpc-ran
+ prefixes:
+ - prefix: 172:2::/32
+ labels:
+ nephio.org/network-name: n2
+ - prefix: 172.2.0.0/16
+ labels:
+ nephio.org/network-name: n2
+ - prefix: 172:3::/32
+ labels:
+ nephio.org/network-name: n3
+ - prefix: 172.3.0.0/16
+ labels:
+ nephio.org/network-name: n3
+ interfaces:
+ - kind: bridgedomain
+ bridgeDomainName: vpc-ran
+ bridgeDomains:
+ - name: vpc-ran
+ interfaces:
+ - kind: interface
+ selector:
+ matchExpressions:
+ - {key: nephio.org/cluster-name, operator: Exists}
+ attachmentType: vlan
diff --git a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml
index 7ba8539..8baabff 100644
--- a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml
+++ b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml
@@ -34,501 +34,370 @@ spec: namespace: capd-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: infrastructure.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: DockerCluster listKind: DockerClusterList plural: dockerclusters singular: dockercluster scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerClusterSpec defines the desired state of DockerCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: Host is the hostname on which the API server is serving. - type: string - port: - description: Port is the port on which the API server is serving. - type: integer - required: - - host - - port - type: object - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. 
- properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean - type: object - description: FailureDomains are not usulaly defined on the spec. The - docker provider is special since failure domains don't mean anything - in a local docker environment. Instead, the docker cluster controller - will simply copy these into the Status and allow the Cluster API - controllers to do what they will with the defined failure domains. - type: object - type: object - status: - description: DockerClusterStatus defines the observed state of DockerCluster. - properties: - conditions: - description: Conditions defines current service state of the DockerCluster. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + host: + description: Host is the hostname on which the API server is serving. type: string + port: + description: Port is the port on which the API server is serving. 
+ type: integer required: - - status - - type + - host + - port type: object - type: array - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. - properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains are not usulaly defined on the spec. The docker provider is special since failure domains don't mean anything in a local docker environment. Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. type: object - description: FailureDomains don't mean much in CAPD since it's all - local, but we can see how the rest of cluster API will use this - if we populate it. - type: object - ready: - description: Ready denotes that the docker cluster (infrastructure) - is ready. 
- type: boolean - required: - - ready - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerCluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerClusterSpec defines the desired state of DockerCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: Host is the hostname on which the API server is serving. - type: string - port: - description: Port is the port on which the API server is serving. - type: integer - required: - - host - - port - type: object - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. 
- properties: - attributes: - additionalProperties: + type: object + status: + description: DockerClusterStatus defines the observed state of DockerCluster. + properties: + conditions: + description: Conditions defines current service state of the DockerCluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - status + - type + type: object + type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API will use this if we populate it. type: object - description: FailureDomains are not usulaly defined on the spec. The - docker provider is special since failure domains don't mean anything - in a local docker environment. Instead, the docker cluster controller - will simply copy these into the Status and allow the Cluster API - controllers to do what they will with the defined failure domains. - type: object - loadBalancer: - description: LoadBalancer allows defining configurations for the cluster - load balancer. - properties: - imageRepository: - description: ImageRepository sets the container registry to pull - the haproxy image from. if not set, "kindest" will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the haproxy - image. if not set, "v20210715-a6da3463" will be used instead. - type: string - type: object - type: object - status: - description: DockerClusterStatus defines the observed state of DockerCluster. - properties: - conditions: - description: Conditions defines current service state of the DockerCluster. - items: - description: Condition defines an observation of a Cluster API resource - operational state. 
+ ready: + description: Ready denotes that the docker cluster (infrastructure) is ready. + type: boolean + required: + - ready + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerCluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "DockerCluster is the Schema for the dockerclusters API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. 
- type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + host: + description: Host is the hostname on which the API server is serving. type: string + port: + description: Port is the port on which the API server is serving. + type: integer required: - - status - - type + - host + - port type: object - type: array - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. - properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. 
+ properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains are not usulaly defined on the spec. The docker provider is special since failure domains don't mean anything in a local docker environment. Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. type: object - description: FailureDomains don't mean much in CAPD since it's all - local, but we can see how the rest of cluster API will use this - if we populate it. - type: object - ready: - description: Ready denotes that the docker cluster (infrastructure) - is ready. - type: boolean - required: - - ready - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - - description: Time duration since creation of DockerCluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerCluster is the Schema for the dockerclusters API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerClusterSpec defines the desired state of DockerCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: Host is the hostname on which the API server is serving. - type: string - port: - description: Port is the port on which the API server is serving. - Defaults to 6443 if not set. - type: integer - required: - - host - - port - type: object - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + loadBalancer: + description: LoadBalancer allows defining configurations for the cluster load balancer. properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + imageRepository: + description: ImageRepository sets the container registry to pull the haproxy image from. if not set, "kindest" will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the haproxy image. if not set, "v20210715-a6da3463" will be used instead. + type: string type: object - description: FailureDomains are usually not defined in the spec. The - docker provider is special since failure domains don't mean anything - in a local docker environment. 
Instead, the docker cluster controller - will simply copy these into the Status and allow the Cluster API - controllers to do what they will with the defined failure domains. - type: object - loadBalancer: - description: LoadBalancer allows defining configurations for the cluster - load balancer. - properties: - customHAProxyConfigTemplateRef: - description: 'CustomHAProxyConfigTemplateRef allows you to replace - the default HAProxy config file. This field is a reference to - a config map that contains the configuration template. The key - of the config map should be equal to ''value''. The content - of the config map will be processed and will replace the default - HAProxy config file. Please use it with caution, as there are - no checks to ensure the validity of the configuration. This - template will support the following variables that will be passed - by the controller: $IPv6 (bool) indicates if the cluster is - IPv6, $FrontendControlPlanePort (string) indicates the frontend - control plane port, $BackendControlPlanePort (string) indicates - the backend control plane port, $BackendServers (map[string]string) - indicates the backend server where the key is the server name - and the value is the address. This map is dynamic and is updated - every time a new control plane node is added or removed. The - template will also support the JoinHostPort function to join - the host and port of the backend server.' + type: object + status: + description: DockerClusterStatus defines the observed state of DockerCluster. + properties: + conditions: + description: Conditions defines current service state of the DockerCluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' 
+ lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type type: object - x-kubernetes-map-type: atomic - imageRepository: - description: ImageRepository sets the container registry to pull - the haproxy image from. if not set, "kindest" will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the haproxy - image. if not set, "v20210715-a6da3463" will be used instead. - type: string - type: object - type: object - status: - description: DockerClusterStatus defines the observed state of DockerCluster. - properties: - conditions: - description: Conditions defines current service state of the DockerCluster. - items: - description: Condition defines an observation of a Cluster API resource - operational state. 
+ type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API will use this if we populate it. + type: object + ready: + description: Ready denotes that the docker cluster (infrastructure) is ready. + type: boolean + required: + - ready + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: Time duration since creation of DockerCluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerCluster is the Schema for the dockerclusters API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + host: + description: Host is the hostname on which the API server is serving. type: string + port: + description: Port is the port on which the API server is serving. Defaults to 6443 if not set. 
+ type: integer required: - - lastTransitionTime - - status - - type + - host + - port + type: object + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains are usually not defined in the spec. The docker provider is special since failure domains don't mean anything in a local docker environment. Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. type: object - type: array - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + loadBalancer: + description: LoadBalancer allows defining configurations for the cluster load balancer. properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. + customHAProxyConfigTemplateRef: + description: 'CustomHAProxyConfigTemplateRef allows you to replace the default HAProxy config file. This field is a reference to a config map that contains the configuration template. The key of the config map should be equal to ''value''. The content of the config map will be processed and will replace the default HAProxy config file. 
Please use it with caution, as there are no checks to ensure the validity of the configuration. This template will support the following variables that will be passed by the controller: $IPv6 (bool) indicates if the cluster is IPv6, $FrontendControlPlanePort (string) indicates the frontend control plane port, $BackendControlPlanePort (string) indicates the backend control plane port, $BackendServers (map[string]string) indicates the backend server where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + x-kubernetes-map-type: atomic + imageRepository: + description: ImageRepository sets the container registry to pull the haproxy image from. if not set, "kindest" will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the haproxy image. if not set, "v20210715-a6da3463" will be used instead. + type: string + type: object + type: object + status: + description: DockerClusterStatus defines the observed state of DockerCluster. + properties: + conditions: + description: Conditions defines current service state of the DockerCluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains don't mean much in CAPD since it's all local, but we can see how the rest of cluster API will use this if we populate it. 
type: object - description: FailureDomains don't mean much in CAPD since it's all - local, but we can see how the rest of cluster API will use this - if we populate it. - type: object - ready: - description: Ready denotes that the docker cluster (infrastructure) - is ready. - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} + ready: + description: Ready denotes that the docker cluster (infrastructure) is ready. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" 
@@ -560,268 +429,193 @@ spec: namespace: capd-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: infrastructure.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: DockerClusterTemplate listKind: DockerClusterTemplateList plural: dockerclustertemplates singular: dockerclustertemplate scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of DockerClusterTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "DockerClusterTemplate is the Schema for the dockerclustertemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerClusterTemplateSpec defines the desired state of DockerClusterTemplate. - properties: - template: - description: DockerClusterTemplateResource describes the data needed - to create a DockerCluster from a template. - properties: - spec: - description: DockerClusterSpec defines the desired state of DockerCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint - used to communicate with the control plane. 
- properties: - host: - description: Host is the hostname on which the API server - is serving. - type: string - port: - description: Port is the port on which the API server - is serving. - type: integer - required: - - host - - port - type: object - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster - API failure domains. It allows controllers to understand - how many failure domains a cluster can optionally span - across. + - additionalPrinterColumns: + - description: Time duration since creation of DockerClusterTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "DockerClusterTemplate is the Schema for the dockerclustertemplates API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterTemplateSpec defines the desired state of DockerClusterTemplate. + properties: + template: + description: DockerClusterTemplateResource describes the data needed to create a DockerCluster from a template. + properties: + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. 
+ properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes - an infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure - domain is suitable for use by control plane machines. - type: boolean + host: + description: Host is the hostname on which the API server is serving. + type: string + port: + description: Port is the port on which the API server is serving. + type: integer + required: + - host + - port type: object - description: FailureDomains are not usulaly defined on the - spec. The docker provider is special since failure domains - don't mean anything in a local docker environment. Instead, - the docker cluster controller will simply copy these into - the Status and allow the Cluster API controllers to do what - they will with the defined failure domains. - type: object - loadBalancer: - description: LoadBalancer allows defining configurations for - the cluster load balancer. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull the haproxy image from. if not set, "kindest" - will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the - haproxy image. if not set, "v20210715-a6da3463" will - be used instead. + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. 
+ type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains are not usulaly defined on the spec. The docker provider is special since failure domains don't mean anything in a local docker environment. Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. + type: object + loadBalancer: + description: LoadBalancer allows defining configurations for the cluster load balancer. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull the haproxy image from. if not set, "kindest" will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the haproxy image. if not set, "v20210715-a6da3463" will be used instead. + type: string + type: object + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerClusterTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerClusterTemplate is the Schema for the dockerclustertemplates API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerClusterTemplateSpec defines the desired state of DockerClusterTemplate. + properties: + template: + description: DockerClusterTemplateResource describes the data needed to create a DockerCluster from a template. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - type: object - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: false - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerClusterTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerClusterTemplate is the Schema for the dockerclustertemplates - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerClusterTemplateSpec defines the desired state of DockerClusterTemplate. 
- properties: - template: - description: DockerClusterTemplateResource describes the data needed - to create a DockerCluster from a template. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: DockerClusterSpec defines the desired state of DockerCluster. - properties: - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint - used to communicate with the control plane. - properties: - host: - description: Host is the hostname on which the API server - is serving. + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - port: - description: Port is the port on which the API server - is serving. Defaults to 6443 if not set. - type: integer - required: - - host - - port - type: object - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster - API failure domains. 
It allows controllers to understand - how many failure domains a cluster can optionally span - across. + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: DockerClusterSpec defines the desired state of DockerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes - an infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure - domain is suitable for use by control plane machines. - type: boolean + host: + description: Host is the hostname on which the API server is serving. + type: string + port: + description: Port is the port on which the API server is serving. Defaults to 6443 if not set. + type: integer + required: + - host + - port type: object - description: FailureDomains are usually not defined in the - spec. The docker provider is special since failure domains - don't mean anything in a local docker environment. Instead, - the docker cluster controller will simply copy these into - the Status and allow the Cluster API controllers to do what - they will with the defined failure domains. - type: object - loadBalancer: - description: LoadBalancer allows defining configurations for - the cluster load balancer. - properties: - customHAProxyConfigTemplateRef: - description: 'CustomHAProxyConfigTemplateRef allows you - to replace the default HAProxy config file. This field - is a reference to a config map that contains the configuration - template. The key of the config map should be equal - to ''value''. 
The content of the config map will be - processed and will replace the default HAProxy config - file. Please use it with caution, as there are no checks - to ensure the validity of the configuration. This template - will support the following variables that will be passed - by the controller: $IPv6 (bool) indicates if the cluster - is IPv6, $FrontendControlPlanePort (string) indicates - the frontend control plane port, $BackendControlPlanePort - (string) indicates the backend control plane port, $BackendServers - (map[string]string) indicates the backend server where - the key is the server name and the value is the address. - This map is dynamic and is updated every time a new - control plane node is added or removed. The template - will also support the JoinHostPort function to join - the host and port of the backend server.' + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean type: object - x-kubernetes-map-type: atomic - imageRepository: - description: ImageRepository sets the container registry - to pull the haproxy image from. if not set, "kindest" - will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the - haproxy image. if not set, "v20210715-a6da3463" will - be used instead. 
- type: string - type: object - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true - subresources: {} + description: FailureDomains are usually not defined in the spec. The docker provider is special since failure domains don't mean anything in a local docker environment. Instead, the docker cluster controller will simply copy these into the Status and allow the Cluster API controllers to do what they will with the defined failure domains. + type: object + loadBalancer: + description: LoadBalancer allows defining configurations for the cluster load balancer. + properties: + customHAProxyConfigTemplateRef: + description: 'CustomHAProxyConfigTemplateRef allows you to replace the default HAProxy config file. This field is a reference to a config map that contains the configuration template. The key of the config map should be equal to ''value''. The content of the config map will be processed and will replace the default HAProxy config file. Please use it with caution, as there are no checks to ensure the validity of the configuration. This template will support the following variables that will be passed by the controller: $IPv6 (bool) indicates if the cluster is IPv6, $FrontendControlPlanePort (string) indicates the frontend control plane port, $BackendControlPlanePort (string) indicates the backend control plane port, $BackendServers (map[string]string) indicates the backend server where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + imageRepository: + description: ImageRepository sets the container registry to pull the haproxy image from. if not set, "kindest" will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the haproxy image. if not set, "v20210715-a6da3463" will be used instead. + type: string + type: object + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" 
@@ -853,736 +647,454 @@ spec: namespace: capd-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: infrastructure.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: DockerMachinePool listKind: DockerMachinePoolList plural: dockermachinepools singular: dockermachinepool scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "DockerMachinePool is the Schema for the dockermachinepools API. - \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. - properties: - providerID: - description: ProviderID is the identification ID of the Machine Pool - type: string - providerIDList: - description: ProviderIDList is the list of identification IDs of machine - instances managed by this Machine Pool - items: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerMachinePool is the Schema for the dockermachinepools API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. + properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool type: string - type: array - template: - description: Template contains the details used to build a replica - machine within the Machine Pool - properties: - customImage: - description: CustomImage allows customizing the container image - that is used for running the machine + providerIDList: + description: ProviderIDList is the list of identification IDs of machine instances managed by this Machine Pool + items: type: string - extraMounts: - description: ExtraMounts describes additional mount points for - the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the - hostpath is a symbolic link, runtimes should follow the - symlink and mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. 
- type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly - created machine. This can be used to speed up tests by avoiding - e.g. to download CNI images on all the containers. - items: - type: string - type: array - type: object - type: object - status: - description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. - properties: - conditions: - description: Conditions defines current service state of the DockerMachinePool. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + template: + description: Template contains the details used to build a replica machine within the Machine Pool properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + customImage: + description: CustomImage allows customizing the container image that is used for running the machine type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - instances: - description: Instances contains the status for each instance in the - pool - items: - description: DockerMachinePoolInstanceStatus contains status information - about a DockerMachinePool. - properties: - addresses: - description: Addresses contains the associated addresses for - the docker machine. + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath items: - description: MachineAddress contains information for the node's - address. + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: - address: - description: The machine address. + containerPath: + description: Path of the mount within the container. type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. type: string - required: - - address - - type + readOnly: + description: If set, the mount is read-only. 
+ type: boolean type: object type: array - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine - type: boolean - instanceName: - description: InstanceName is the identification of the Machine - Instance within the Machine Pool - type: string - providerID: - description: ProviderID is the provider identification of the - Machine Pool Instance - type: string - ready: - description: Ready denotes that the machine (docker container) - is ready - type: boolean - version: - description: Version defines the Kubernetes version for the - Machine Instance - type: string + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - ready: - description: Ready denotes that the machine pool is ready - type: boolean - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "DockerMachinePool is the Schema for the dockermachinepools API. - \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. - properties: - providerID: - description: ProviderID is the identification ID of the Machine Pool - type: string - providerIDList: - description: ProviderIDList is the list of identification IDs of machine - instances managed by this Machine Pool - items: + type: object + status: + description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. + properties: + conditions: + description: Conditions defines current service state of the DockerMachinePool. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. 
The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + instances: + description: Instances contains the status for each instance in the pool + items: + description: DockerMachinePoolInstanceStatus contains status information about a DockerMachinePool. + properties: + addresses: + description: Addresses contains the associated addresses for the docker machine. + items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + instanceName: + description: InstanceName is the identification of the Machine Instance within the Machine Pool + type: string + providerID: + description: ProviderID is the provider identification of the Machine Pool Instance + type: string + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + version: + description: Version defines the Kubernetes version for the Machine Instance + type: string + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. 
+ format: int64 + type: integer + ready: + description: Ready denotes that the machine pool is ready + type: boolean + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "DockerMachinePool is the Schema for the dockermachinepools API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. 
+ properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool type: string - type: array - template: - description: Template contains the details used to build a replica - machine within the Machine Pool - properties: - customImage: - description: CustomImage allows customizing the container image - that is used for running the machine + providerIDList: + description: ProviderIDList is the list of identification IDs of machine instances managed by this Machine Pool + items: type: string - extraMounts: - description: ExtraMounts describes additional mount points for - the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the - hostpath is a symbolic link, runtimes should follow the - symlink and mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly - created machine. This can be used to speed up tests by avoiding - e.g. to download CNI images on all the containers. - items: - type: string - type: array - type: object - type: object - status: - description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. - properties: - conditions: - description: Conditions defines current service state of the DockerMachinePool. - items: - description: Condition defines an observation of a Cluster API resource - operational state. 
+ type: array + template: + description: Template contains the details used to build a replica machine within the Machine Pool properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + customImage: + description: CustomImage allows customizing the container image that is used for running the machine type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - instances: - description: Instances contains the status for each instance in the - pool - items: - description: DockerMachinePoolInstanceStatus contains status information - about a DockerMachinePool. - properties: - addresses: - description: Addresses contains the associated addresses for - the docker machine. 
+ extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath items: - description: MachineAddress contains information for the node's - address. + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: - address: - description: The machine address. + containerPath: + description: Path of the mount within the container. type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. type: string - required: - - address - - type + readOnly: + description: If set, the mount is read-only. + type: boolean type: object type: array - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine - type: boolean - instanceName: - description: InstanceName is the identification of the Machine - Instance within the Machine Pool - type: string - providerID: - description: ProviderID is the provider identification of the - Machine Pool Instance - type: string - ready: - description: Ready denotes that the machine (docker container) - is ready - type: boolean - version: - description: Version defines the Kubernetes version for the - Machine Instance - type: string + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int64 - type: integer - ready: - description: Ready denotes that the machine pool is ready - type: boolean - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerMachinePool is the Schema for the dockermachinepools API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. - properties: - providerID: - description: ProviderID is the identification ID of the Machine Pool - type: string - providerIDList: - description: ProviderIDList is the list of identification IDs of machine - instances managed by this Machine Pool - items: + type: object + status: + description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. + properties: + conditions: + description: Conditions defines current service state of the DockerMachinePool. 
+ items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + instances: + description: Instances contains the status for each instance in the pool + items: + description: DockerMachinePoolInstanceStatus contains status information about a DockerMachinePool. + properties: + addresses: + description: Addresses contains the associated addresses for the docker machine. + items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. 
+ type: string + required: + - address + - type + type: object + type: array + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + instanceName: + description: InstanceName is the identification of the Machine Instance within the Machine Pool + type: string + providerID: + description: ProviderID is the provider identification of the Machine Pool Instance + type: string + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + version: + description: Version defines the Kubernetes version for the Machine Instance + type: string + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + ready: + description: Ready denotes that the machine pool is ready + type: boolean + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerMachinePool is the Schema for the dockermachinepools API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. + properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool type: string - type: array - template: - description: Template contains the details used to build a replica - machine within the Machine Pool - properties: - customImage: - description: CustomImage allows customizing the container image - that is used for running the machine + providerIDList: + description: ProviderIDList is the list of identification IDs of machine instances managed by this Machine Pool + items: type: string - extraMounts: - description: ExtraMounts describes additional mount points for - the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the - hostpath is a symbolic link, runtimes should follow the - symlink and mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly - created machine. This can be used to speed up tests by avoiding - e.g. to download CNI images on all the containers. - items: - type: string - type: array - type: object - type: object - status: - description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. - properties: - conditions: - description: Conditions defines current service state of the DockerMachinePool. 
- items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + template: + description: Template contains the details used to build a replica machine within the Machine Pool properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + customImage: + description: CustomImage allows customizing the container image that is used for running the machine type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - infrastructureMachineKind: - description: InfrastructureMachineKind is the kind of the infrastructure - resources behind MachinePool Machines. 
- type: string - instances: - description: Instances contains the status for each instance in the - pool - items: - description: DockerMachinePoolInstanceStatus contains status information - about a DockerMachinePool. - properties: - addresses: - description: Addresses contains the associated addresses for - the docker machine. + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath items: - description: MachineAddress contains information for the node's - address. + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: - address: - description: The machine address. + containerPath: + description: Path of the mount within the container. type: string - type: - description: Machine address type, one of Hostname, ExternalIP, - InternalIP, ExternalDNS or InternalDNS. + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. type: string - required: - - address - - type + readOnly: + description: If set, the mount is read-only. + type: boolean type: object type: array - bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field - will be removed in the next apiVersion. 
When removing also - remove from staticcheck exclude-rules for SA1019 in golangci.yml" - type: boolean - instanceName: - description: InstanceName is the identification of the Machine - Instance within the Machine Pool - type: string - providerID: - description: ProviderID is the provider identification of the - Machine Pool Instance - type: string - ready: - description: Ready denotes that the machine (docker container) - is ready - type: boolean - version: - description: Version defines the Kubernetes version for the - Machine Instance - type: string + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - ready: - description: Ready denotes that the machine pool is ready - type: boolean - replicas: - description: Replicas is the most recently observed number of replicas. 
- format: int32 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capd-system/capd-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: infrastructure-docker - cluster.x-k8s.io/v1alpha4: v1alpha4 - cluster.x-k8s.io/v1beta1: v1beta1 - clusterctl.cluster.x-k8s.io: "" - name: dockermachinepooltemplates.infrastructure.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capd-webhook-service - namespace: capd-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: infrastructure.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: DockerMachinePoolTemplate - listKind: DockerMachinePoolTemplateList - plural: dockermachinepooltemplates - singular: dockermachinepooltemplate - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachinePoolTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerMachinePoolTemplate is the Schema for the dockermachinepooltemplates - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachinePoolTemplateSpec defines the desired state of - DockerMachinePoolTemplate. - properties: - template: - description: DockerMachinePoolTemplateResource describes the data - needed to create a DockerMachine from a template. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + status: + description: DockerMachinePoolStatus defines the observed state of DockerMachinePool. + properties: + conditions: + description: Conditions defines current service state of the DockerMachinePool. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type type: object - spec: - description: DockerMachinePoolSpec defines the desired state of - DockerMachinePool. + type: array + infrastructureMachineKind: + description: InfrastructureMachineKind is the kind of the infrastructure resources behind MachinePool Machines. + type: string + instances: + description: Instances contains the status for each instance in the pool + items: + description: DockerMachinePoolInstanceStatus contains status information about a DockerMachinePool. properties: - providerID: - description: ProviderID is the identification ID of the Machine - Pool - type: string - providerIDList: - description: ProviderIDList is the list of identification - IDs of machine instances managed by this Machine Pool + addresses: + description: Addresses contains the associated addresses for the docker machine. 
items: - type: string - type: array - template: - description: Template contains the details used to build a - replica machine within the Machine Pool - properties: - customImage: - description: CustomImage allows customizing the container - image that is used for running the machine - type: string - extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount - into a container. This is a simplified version of - kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the - hostPath doesn't exist, then runtimes should report - error. If the hostpath is a symbolic link, runtimes - should follow the symlink and mount the real destination - to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in - a newly created machine. This can be used to speed up - tests by avoiding e.g. to download CNI images on all - the containers. - items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. type: string - type: array - type: object + type: + description: Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + bootstrapped: + description: "Bootstrapped is true when the kubeadm bootstrapping has been run against this machine \n Deprecated: This field will be removed in the next apiVersion. 
When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + instanceName: + description: InstanceName is the identification of the Machine Instance within the Machine Pool + type: string + providerID: + description: ProviderID is the provider identification of the Machine Pool Instance + type: string + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + version: + description: Version defines the Kubernetes version for the Machine Instance + type: string type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true - subresources: {} + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + ready: + description: Ready denotes that the machine pool is ready + type: boolean + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -1602,7 +1114,7 @@ metadata: cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 clusterctl.cluster.x-k8s.io: "" - name: dockermachines.infrastructure.cluster.x-k8s.io + name: dockermachinepooltemplates.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -1614,474 +1126,106 @@ spec: namespace: capd-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: infrastructure.cluster.x-k8s.io names: categories: - - cluster-api - kind: DockerMachine - listKind: DockerMachineList - plural: dockermachines - singular: dockermachine + - cluster-api + kind: DockerMachinePoolTemplate + listKind: DockerMachinePoolTemplateList + plural: dockermachinepooltemplates + singular: dockermachinepooltemplate scope: Namespaced - versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineSpec defines the desired state of DockerMachine. 
- properties: - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping has - been run against this machine - type: boolean - customImage: - description: CustomImage allows customizing the container image that - is used for running the machine - type: string - extraMounts: - description: ExtraMounts describes additional mount points for the - node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the hostpath - is a symbolic link, runtimes should follow the symlink and - mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly created - machine. This can be used to speed up tests by avoiding e.g. to - download CNI images on all the containers. - items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID format - (docker:////) - type: string - type: object - status: - description: DockerMachineStatus defines the observed state of DockerMachine. - properties: - addresses: - description: Addresses contains the associated addresses for the docker - machine. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. - type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. 
- type: string - required: - - address - - type - type: object - type: array - conditions: - description: Conditions defines current service state of the DockerMachine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
- type: string - required: - - status - - type - type: object - type: array - loadBalancerConfigured: - description: LoadBalancerConfigured denotes that the machine has been - added to the load balancer - type: boolean - ready: - description: Ready denotes that the machine (docker container) is - ready - type: boolean - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineSpec defines the desired state of DockerMachine. 
- properties: - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping has - been run against this machine - type: boolean - customImage: - description: CustomImage allows customizing the container image that - is used for running the machine - type: string - extraMounts: - description: ExtraMounts describes additional mount points for the - node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the hostpath - is a symbolic link, runtimes should follow the symlink and - mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly created - machine. This can be used to speed up tests by avoiding e.g. to - download CNI images on all the containers. - items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID format - (docker:////) - type: string - type: object - status: - description: DockerMachineStatus defines the observed state of DockerMachine. - properties: - addresses: - description: Addresses contains the associated addresses for the docker - machine. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. - type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. 
- type: string - required: - - address - - type - type: object - type: array - conditions: - description: Conditions defines current service state of the DockerMachine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
- type: string - required: - - status - - type - type: object - type: array - loadBalancerConfigured: - description: LoadBalancerConfigured denotes that the machine has been - added to the load balancer - type: boolean - ready: - description: Ready denotes that the machine (docker container) is - ready - type: boolean - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - - description: Machine object which owns with this DockerMachine - jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name - name: Machine - type: string - - description: Provider ID - jsonPath: .spec.providerID - name: ProviderID - type: string - - description: Machine ready status - jsonPath: .status.ready - name: Ready - type: string - - description: Time duration since creation of DockerMachine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerMachine is the Schema for the dockermachines API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineSpec defines the desired state of DockerMachine. 
- properties: - bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field will - be removed in the next apiVersion. When removing also remove from - staticcheck exclude-rules for SA1019 in golangci.yml." - type: boolean - customImage: - description: CustomImage allows customizing the container image that - is used for running the machine - type: string - extraMounts: - description: ExtraMounts describes additional mount points for the - node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into a container. - This is a simplified version of kind v1alpha4.Mount types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. If the hostpath - is a symbolic link, runtimes should follow the symlink and - mount the real destination to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a newly created - machine. This can be used to speed up tests by avoiding e.g. to - download CNI images on all the containers. - items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID format - (docker:////) - type: string - type: object - status: - description: DockerMachineStatus defines the observed state of DockerMachine. - properties: - addresses: - description: Addresses contains the associated addresses for the docker - machine. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. 
- type: string - type: - description: Machine address type, one of Hostname, ExternalIP, - InternalIP, ExternalDNS or InternalDNS. - type: string - required: - - address - - type - type: object - type: array - conditions: - description: Conditions defines current service state of the DockerMachine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + versions: + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachinePoolTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerMachinePoolTemplate is the Schema for the dockermachinepooltemplates API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachinePoolTemplateSpec defines the desired state of DockerMachinePoolTemplate. + properties: + template: + description: DockerMachinePoolTemplateResource describes the data needed to create a DockerMachine from a template. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: DockerMachinePoolSpec defines the desired state of DockerMachinePool. 
+ properties: + providerID: + description: ProviderID is the identification ID of the Machine Pool + type: string + providerIDList: + description: ProviderIDList is the list of identification IDs of machine instances managed by this Machine Pool + items: + type: string + type: array + template: + description: Template contains the details used to build a replica machine within the Machine Pool + properties: + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. 
+ items: + type: string + type: array + type: object + type: object required: - - lastTransitionTime - - status - - type + - spec type: object - type: array - loadBalancerConfigured: - description: LoadBalancerConfigured denotes that the machine has been - added to the load balancer - type: boolean - ready: - description: Ready denotes that the machine (docker container) is - ready - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" @@ -2101,7 +1245,7 @@ metadata: cluster.x-k8s.io/v1alpha4: v1alpha4 cluster.x-k8s.io/v1beta1: v1beta1 clusterctl.cluster.x-k8s.io: "" - name: dockermachinetemplates.infrastructure.cluster.x-k8s.io + name: dockermachines.infrastructure.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -2113,298 +1257,625 @@ spec: namespace: capd-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: infrastructure.cluster.x-k8s.io names: categories: - - cluster-api - kind: DockerMachineTemplate - listKind: DockerMachineTemplateList - plural: dockermachinetemplates - singular: dockermachinetemplate + - cluster-api + kind: DockerMachine + listKind: DockerMachineList + plural: dockermachines + singular: dockermachine scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "DockerMachineTemplate is the Schema for the dockermachinetemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. - properties: - template: - description: DockerMachineTemplateResource describes the data needed - to create a DockerMachine from a template. - properties: - spec: - description: Spec is the specification of the desired behavior - of the machine. + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: This type will be removed in one of the next releases." 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineSpec defines the desired state of DockerMachine. + properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. 
type: boolean - customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + status: + description: DockerMachineStatus defines the observed state of DockerMachine. + properties: + addresses: + description: Addresses contains the associated addresses for the docker machine. + items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. type: string - extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into - a container. This is a simplified version of kind v1alpha4.Mount - types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. - If the hostpath is a symbolic link, runtimes should - follow the symlink and mount the real destination - to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a - newly created machine. This can be used to speed up tests - by avoiding e.g. to download CNI images on all the containers. 
- items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID - format (docker:////) + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. type: string + required: + - address + - type type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: false - storage: false - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachineTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "DockerMachineTemplate is the Schema for the dockermachinetemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. - properties: - template: - description: DockerMachineTemplateResource describes the data needed - to create a DockerMachine from a template. - properties: - spec: - description: Spec is the specification of the desired behavior - of the machine. + type: array + conditions: + description: Conditions defines current service state of the DockerMachine. 
+ items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrapped: - description: Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - status + - type + type: object + type: array + loadBalancerConfigured: + description: LoadBalancerConfigured denotes that the machine has been added to the load balancer + type: boolean + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "DockerMachine is the Schema for the dockermachines API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineSpec defines the desired state of DockerMachine. 
+ properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. type: boolean - customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + status: + description: DockerMachineStatus defines the observed state of DockerMachine. + properties: + addresses: + description: Addresses contains the associated addresses for the docker machine. + items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. 
type: string - extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into - a container. This is a simplified version of kind v1alpha4.Mount - types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. - If the hostpath is a symbolic link, runtimes should - follow the symlink and mount the real destination - to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a - newly created machine. This can be used to speed up tests - by avoiding e.g. to download CNI images on all the containers. - items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID - format (docker:////) + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. type: string + required: + - address + - type type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: false - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Time duration since creation of DockerMachineTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: DockerMachineTemplate is the Schema for the dockermachinetemplates - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. - properties: - template: - description: DockerMachineTemplateResource describes the data needed - to create a DockerMachine from a template. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: array + conditions: + description: Conditions defines current service state of the DockerMachine. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type type: object - spec: - description: Spec is the specification of the desired behavior - of the machine. 
+ type: array + loadBalancerConfigured: + description: LoadBalancerConfigured denotes that the machine has been added to the load balancer + type: boolean + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: Machine object which owns with this DockerMachine + jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name + name: Machine + type: string + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine ready status + jsonPath: .status.ready + name: Ready + type: string + - description: Time duration since creation of DockerMachine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerMachine is the Schema for the dockermachines API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineSpec defines the desired state of DockerMachine. 
+ properties: + bootstrapped: + description: "Bootstrapped is true when the kubeadm bootstrapping has been run against this machine \n Deprecated: This field will be removed in the next apiVersion. When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml." + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. properties: - bootstrapped: - description: "Bootstrapped is true when the kubeadm bootstrapping - has been run against this machine \n Deprecated: This field - will be removed in the next apiVersion. When removing also - remove from staticcheck exclude-rules for SA1019 in golangci.yml." + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. type: boolean - customImage: - description: CustomImage allows customizing the container - image that is used for running the machine + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. 
+ items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + status: + description: DockerMachineStatus defines the observed state of DockerMachine. + properties: + addresses: + description: Addresses contains the associated addresses for the docker machine. + items: + description: MachineAddress contains information for the node's address. + properties: + address: + description: The machine address. type: string - extraMounts: - description: ExtraMounts describes additional mount points - for the node container These may be used to bind a hostPath - items: - description: Mount specifies a host volume to mount into - a container. This is a simplified version of kind v1alpha4.Mount - types. - properties: - containerPath: - description: Path of the mount within the container. - type: string - hostPath: - description: Path of the mount on the host. If the hostPath - doesn't exist, then runtimes should report error. - If the hostpath is a symbolic link, runtimes should - follow the symlink and mount the real destination - to container. - type: string - readOnly: - description: If set, the mount is read-only. - type: boolean - type: object - type: array - preLoadImages: - description: PreLoadImages allows to pre-load images in a - newly created machine. This can be used to speed up tests - by avoiding e.g. to download CNI images on all the containers. - items: - type: string - type: array - providerID: - description: ProviderID will be the container name in ProviderID - format (docker:////) + type: + description: Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines current service state of the DockerMachine. 
+ items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - lastTransitionTime + - status + - type type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true - subresources: {} + type: array + loadBalancerConfigured: + description: LoadBalancerConfigured denotes that the machine has been added to the load balancer + type: boolean + ready: + description: Ready denotes that the machine (docker container) is ready + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capd-system/capd-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-docker + cluster.x-k8s.io/v1alpha4: v1alpha4 + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: dockermachinetemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capd-webhook-service + namespace: capd-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: DockerMachineTemplate + listKind: DockerMachineTemplateList + plural: dockermachinetemplates + singular: dockermachinetemplate + scope: Namespaced + versions: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "DockerMachineTemplate is the Schema for the dockermachinetemplates API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. + properties: + template: + description: DockerMachineTemplateResource describes the data needed to create a DockerMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior of the machine. + properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. 
+ type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachineTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "DockerMachineTemplate is the Schema for the dockermachinetemplates API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. + properties: + template: + description: DockerMachineTemplateResource describes the data needed to create a DockerMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior of the machine. 
+ properties: + bootstrapped: + description: Bootstrapped is true when the kubeadm bootstrapping has been run against this machine + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of DockerMachineTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DockerMachineTemplate is the Schema for the dockermachinetemplates API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate. + properties: + template: + description: DockerMachineTemplateResource describes the data needed to create a DockerMachine from a template. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec is the specification of the desired behavior of the machine. + properties: + bootstrapped: + description: "Bootstrapped is true when the kubeadm bootstrapping has been run against this machine \n Deprecated: This field will be removed in the next apiVersion. 
When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml." + type: boolean + customImage: + description: CustomImage allows customizing the container image that is used for running the machine + type: string + extraMounts: + description: ExtraMounts describes additional mount points for the node container These may be used to bind a hostPath + items: + description: Mount specifies a host volume to mount into a container. This is a simplified version of kind v1alpha4.Mount types. + properties: + containerPath: + description: Path of the mount within the container. + type: string + hostPath: + description: Path of the mount on the host. If the hostPath doesn't exist, then runtimes should report error. If the hostpath is a symbolic link, runtimes should follow the symlink and mount the real destination to container. + type: string + readOnly: + description: If set, the mount is read-only. + type: boolean + type: object + type: array + preLoadImages: + description: PreLoadImages allows to pre-load images in a newly created machine. This can be used to speed up tests by avoiding e.g. to download CNI images on all the containers. + items: + type: string + type: array + providerID: + description: ProviderID will be the container name in ProviderID format (docker:////) + type: string + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" 
@@ -2430,24 +1901,24 @@ metadata: name: capd-leader-election-role namespace: capd-system rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole 
@@ -2457,125 +1928,125 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capd-manager-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - machines - - machinesets - verbs: - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinepools - - machinepools/status - verbs: - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - verbs: - - delete - - get - - list - - watch -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockerclusters - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockerclusters/finalizers - - dockerclusters/status - verbs: - - get - - patch - - update -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockermachinepools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockermachinepools/finalizers - - dockermachinepools/status - verbs: - - get - - patch - - update -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockermachines - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - infrastructure.cluster.x-k8s.io - resources: - - dockermachines/finalizers - - dockermachines/status - verbs: - - get - - patch - - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - authentication.k8s.io + 
resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - machines + - machinesets + verbs: + - get + - list + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + - machinepools/status + verbs: + - get + - list + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machines + verbs: + - delete + - get + - list + - watch + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockerclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockerclusters/finalizers + - dockerclusters/status + verbs: + - get + - patch + - update + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockermachinepools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockermachinepools/finalizers + - dockermachinepools/status + verbs: + - get + - patch + - update + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockermachines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - dockermachines/finalizers + - dockermachines/status + verbs: + - get + - patch + - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -2591,9 +2062,9 @@ roleRef: kind: Role name: capd-leader-election-role subjects: -- kind: ServiceAccount - name: capd-manager - namespace: capd-system + - kind: ServiceAccount + name: capd-manager + namespace: capd-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding 
@@ -2608,9 +2079,9 @@ roleRef: kind: ClusterRole name: capd-manager-role subjects: -- kind: ServiceAccount - name: capd-manager - namespace: capd-system + - kind: ServiceAccount + name: capd-manager + namespace: capd-system --- apiVersion: v1 kind: Service @@ -2622,8 +2093,8 @@ metadata: namespace: capd-system spec: ports: - - port: 443 - targetPort: webhook-server + - port: 443 + targetPort: webhook-server selector: cluster.x-k8s.io/provider: infrastructure-docker --- 
@@ -2652,69 +2123,69 @@ spec: control-plane: controller-manager spec: containers: - - args: - - --leader-elect - - --diagnostics-address=:8443 - - --insecure-diagnostics=false - - --feature-gates=MachinePool=false,ClusterTopology=true - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_UID - valueFrom: - fieldRef: - fieldPath: metadata.uid - - name: DOCKER_HOST - image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - - containerPort: 8443 - name: metrics - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: {} - securityContext: - privileged: true - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - - mountPath: /var/run/docker.sock - name: dockersock + - args: + - --leader-elect + - --diagnostics-address=:8443 + - --insecure-diagnostics=false + - --feature-gates=MachinePool=false,ClusterTopology=true + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + - name: DOCKER_HOST + image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.2 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + - containerPort: 8443 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: {} + securityContext: + privileged: true + volumeMounts: + - 
mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + - mountPath: /var/run/docker.sock + name: dockersock serviceAccountName: capd-manager terminationGracePeriodSeconds: 10 tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane volumes: - - name: cert - secret: - secretName: capd-webhook-service-cert - - hostPath: - path: /var/run/docker.sock - name: dockersock + - name: cert + secret: + secretName: capd-webhook-service-cert + - hostPath: + path: /var/run/docker.sock + name: dockersock status: {} --- apiVersion: cert-manager.io/v1 @@ -2727,15 +2198,15 @@ metadata: namespace: capd-system spec: dnsNames: - - capd-webhook-service.capd-system.svc - - capd-webhook-service.capd-system.svc.cluster.local + - capd-webhook-service.capd-system.svc + - capd-webhook-service.capd-system.svc.cluster.local issuerRef: kind: Issuer name: capd-selfsigned-issuer secretName: capd-webhook-service-cert subject: organizations: - - k8s-sig-cluster-lifecycle + - k8s-sig-cluster-lifecycle --- apiVersion: cert-manager.io/v1 kind: Issuer 
@@ -2759,50 +2230,50 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capd-mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capd-webhook-service - namespace: capd-system - path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-dockercluster - failurePolicy: Fail - matchPolicy: Equivalent - name: default.dockercluster.infrastructure.cluster.x-k8s.io - rules: - - apiGroups: - - infrastructure.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - dockerclusters - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capd-webhook-service - namespace: capd-system - path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-dockerclustertemplate - failurePolicy: Fail - matchPolicy: Equivalent - name: default.dockerclustertemplate.infrastructure.cluster.x-k8s.io - rules: - - apiGroups: - - infrastructure.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - dockerclustertemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capd-webhook-service + namespace: capd-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-dockercluster + failurePolicy: Fail + matchPolicy: Equivalent + name: default.dockercluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - dockerclusters + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capd-webhook-service + namespace: capd-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-dockerclustertemplate + failurePolicy: Fail + matchPolicy: Equivalent + name: default.dockerclustertemplate.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - 
v1beta1 + operations: + - CREATE + - UPDATE + resources: + - dockerclustertemplates + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration 
@@ -2815,69 +2286,69 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capd-validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capd-webhook-service - namespace: capd-system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockercluster - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.dockercluster.infrastructure.cluster.x-k8s.io - rules: - - apiGroups: - - infrastructure.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - dockerclusters - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capd-webhook-service - namespace: capd-system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockerclustertemplate - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.dockerclustertemplate.infrastructure.cluster.x-k8s.io - rules: - - apiGroups: - - infrastructure.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - dockerclustertemplates - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capd-webhook-service - namespace: capd-system - path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockermachinetemplate - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.dockermachinetemplate.infrastructure.cluster.x-k8s.io - rules: - - apiGroups: - - infrastructure.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - dockermachinetemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capd-webhook-service + namespace: capd-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockercluster + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.dockercluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - 
infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - dockerclusters + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capd-webhook-service + namespace: capd-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockerclustertemplate + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.dockerclustertemplate.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - dockerclustertemplates + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capd-webhook-service + namespace: capd-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-dockermachinetemplate + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.dockermachinetemplate.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - dockermachinetemplates + sideEffects: None diff --git a/infra/capi/cluster-capi-kind-docker-templates/cluster_class.yaml b/infra/capi/cluster-capi-kind-docker-templates/cluster_class.yaml index 0f95e05..de281f9 100644 --- a/infra/capi/cluster-capi-kind-docker-templates/cluster_class.yaml +++ b/infra/capi/cluster-capi-kind-docker-templates/cluster_class.yaml 
@@ -20,223 +20,217 @@ spec: kind: DockerClusterTemplate name: docker-cluster patches: - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/imageRepository - valueFrom: - variable: imageRepository - selector: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlaneTemplate - matchResources: - controlPlane: true - description: Sets the imageRepository used for the KubeadmControlPlane. - enabledIf: '{{ ne .imageRepository "" }}' - name: imageRepository - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/kubeadmConfigSpec/initConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver - value: cgroupfs - - op: add - path: /spec/template/spec/kubeadmConfigSpec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver - value: cgroupfs - selector: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlaneTemplate - matchResources: - controlPlane: true - description: | - Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced. - This is required because kind and the node images do not support the default - systemd cgroupDriver for kubernetes < v1.24. - enabledIf: '{{ semverCompare "<= v1.23" .builtin.controlPlane.version }}' - name: cgroupDriver-controlPlane - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver - value: cgroupfs - selector: - apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 - kind: KubeadmConfigTemplate - matchResources: - machineDeploymentClass: - names: - - docker-default-worker - description: | - Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced. - This is required because kind and the node images do not support the default - systemd cgroupDriver for kubernetes < v1.24. 
- enabledIf: '{{ semverCompare "<= v1.23" .builtin.machineDeployment.version }}' - name: cgroupDriver-machineDeployment - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/etcd - valueFrom: - template: | - local: - imageTag: {{ .etcdImageTag }} - selector: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlaneTemplate - matchResources: - controlPlane: true - description: Sets tag to use for the etcd image in the KubeadmControlPlane. - name: etcdImageTag - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/dns - valueFrom: - template: | - imageTag: {{ .coreDNSImageTag }} - selector: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlaneTemplate - matchResources: - controlPlane: true - description: Sets tag to use for the etcd image in the KubeadmControlPlane. - name: coreDNSImageTag - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/customImage - valueFrom: - template: | - kindest/node:{{ .builtin.machineDeployment.version | replace "+" "_" }} - selector: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: DockerMachineTemplate - matchResources: - machineDeploymentClass: - names: - - docker-default-worker - - jsonPatches: - - op: add - path: /spec/template/spec/customImage - valueFrom: - template: | - kindest/node:{{ .builtin.controlPlane.version | replace "+" "_" }} - selector: - apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 - kind: DockerMachineTemplate - matchResources: - controlPlane: true - description: Sets the container image that is used for running dockerMachines - for the controlPlane and docker-default-worker machineDeployments. 
- name: customImage - - definitions: - - jsonPatches: - - op: add - path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer/extraArgs - value: - admission-control-config-file: /etc/kubernetes/kube-apiserver-admission-pss.yaml - - op: add - path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer/extraVolumes - value: - - hostPath: /etc/kubernetes/kube-apiserver-admission-pss.yaml - mountPath: /etc/kubernetes/kube-apiserver-admission-pss.yaml - name: admission-pss - pathType: File - readOnly: true - - op: add - path: /spec/template/spec/kubeadmConfigSpec/files - valueFrom: - template: | - - content: | - apiVersion: apiserver.config.k8s.io/v1 - kind: AdmissionConfiguration - plugins: - - name: PodSecurity - configuration: - apiVersion: pod-security.admission.config.k8s.io/v1{{ if semverCompare "< v1.25" .builtin.controlPlane.version }}beta1{{ end }} - kind: PodSecurityConfiguration - defaults: - enforce: "{{ .podSecurityStandard.enforce }}" - enforce-version: "latest" - audit: "{{ .podSecurityStandard.audit }}" - audit-version: "latest" - warn: "{{ .podSecurityStandard.warn }}" - warn-version: "latest" - exemptions: - usernames: [] - runtimeClasses: [] - namespaces: [kube-system] - path: /etc/kubernetes/kube-apiserver-admission-pss.yaml - selector: - apiVersion: controlplane.cluster.x-k8s.io/v1beta1 - kind: KubeadmControlPlaneTemplate - matchResources: - controlPlane: true - description: Adds an admission configuration for PodSecurity to the kube-apiserver. - enabledIf: '{{ .podSecurityStandard.enabled }}' - name: podSecurityStandard - variables: - - name: imageRepository - required: true - schema: - openAPIV3Schema: - default: "" - description: imageRepository sets the container registry to pull images from. - If empty, nothing will be set and the from of kubeadm will be used. 
- example: registry.k8s.io - type: string - - name: etcdImageTag - required: true - schema: - openAPIV3Schema: - default: "" - description: etcdImageTag sets the tag for the etcd image. - example: 3.5.3-0 - type: string - - name: coreDNSImageTag - required: true - schema: - openAPIV3Schema: - default: "" - description: coreDNSImageTag sets the tag for the coreDNS image. - example: v1.8.5 - type: string - - name: podSecurityStandard - required: false - schema: - openAPIV3Schema: - properties: - audit: - default: restricted - description: audit sets the level for the audit PodSecurityConfiguration - mode. One of privileged, baseline, restricted. - type: string - enabled: - default: true - description: enabled enables the patches to enable Pod Security Standard - via AdmissionConfiguration. - type: boolean - enforce: - default: baseline - description: enforce sets the level for the enforce PodSecurityConfiguration - mode. One of privileged, baseline, restricted. - type: string - warn: - default: restricted - description: warn sets the level for the warn PodSecurityConfiguration - mode. One of privileged, baseline, restricted. - type: string - type: object - workers: - machineDeployments: - - class: docker-default-worker - template: - bootstrap: - ref: + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/imageRepository + valueFrom: + variable: imageRepository + selector: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlaneTemplate + matchResources: + controlPlane: true + description: Sets the imageRepository used for the KubeadmControlPlane. 
+ enabledIf: '{{ ne .imageRepository "" }}' + name: imageRepository + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/kubeadmConfigSpec/initConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver + value: cgroupfs + - op: add + path: /spec/template/spec/kubeadmConfigSpec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver + value: cgroupfs + selector: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlaneTemplate + matchResources: + controlPlane: true + description: | + Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced. + This is required because kind and the node images do not support the default + systemd cgroupDriver for kubernetes < v1.24. + enabledIf: '{{ semverCompare "<= v1.23" .builtin.controlPlane.version }}' + name: cgroupDriver-controlPlane + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/joinConfiguration/nodeRegistration/kubeletExtraArgs/cgroup-driver + value: cgroupfs + selector: apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 kind: KubeadmConfigTemplate - name: docker-default-worker-bootstraptemplate - infrastructure: - ref: + matchResources: + machineDeploymentClass: + names: + - docker-default-worker + description: | + Sets the cgroupDriver to cgroupfs if a Kubernetes version < v1.24 is referenced. + This is required because kind and the node images do not support the default + systemd cgroupDriver for kubernetes < v1.24. 
+ enabledIf: '{{ semverCompare "<= v1.23" .builtin.machineDeployment.version }}' + name: cgroupDriver-machineDeployment + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/etcd + valueFrom: + template: | + local: + imageTag: {{ .etcdImageTag }} + selector: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlaneTemplate + matchResources: + controlPlane: true + description: Sets tag to use for the etcd image in the KubeadmControlPlane. + name: etcdImageTag + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/dns + valueFrom: + template: | + imageTag: {{ .coreDNSImageTag }} + selector: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlaneTemplate + matchResources: + controlPlane: true + description: Sets tag to use for the etcd image in the KubeadmControlPlane. + name: coreDNSImageTag + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/customImage + valueFrom: + template: | + kindest/node:{{ .builtin.machineDeployment.version | replace "+" "_" }} + selector: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: DockerMachineTemplate + matchResources: + machineDeploymentClass: + names: + - docker-default-worker + - jsonPatches: + - op: add + path: /spec/template/spec/customImage + valueFrom: + template: | + kindest/node:{{ .builtin.controlPlane.version | replace "+" "_" }} + selector: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: DockerMachineTemplate - name: docker-default-worker-machinetemplate + matchResources: + controlPlane: true + description: Sets the container image that is used for running dockerMachines for the controlPlane and docker-default-worker machineDeployments. 
+ name: customImage + - definitions: + - jsonPatches: + - op: add + path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer/extraArgs + value: + admission-control-config-file: /etc/kubernetes/kube-apiserver-admission-pss.yaml + - op: add + path: /spec/template/spec/kubeadmConfigSpec/clusterConfiguration/apiServer/extraVolumes + value: + - hostPath: /etc/kubernetes/kube-apiserver-admission-pss.yaml + mountPath: /etc/kubernetes/kube-apiserver-admission-pss.yaml + name: admission-pss + pathType: File + readOnly: true + - op: add + path: /spec/template/spec/kubeadmConfigSpec/files + valueFrom: + template: | + - content: | + apiVersion: apiserver.config.k8s.io/v1 + kind: AdmissionConfiguration + plugins: + - name: PodSecurity + configuration: + apiVersion: pod-security.admission.config.k8s.io/v1{{ if semverCompare "< v1.25" .builtin.controlPlane.version }}beta1{{ end }} + kind: PodSecurityConfiguration + defaults: + enforce: "{{ .podSecurityStandard.enforce }}" + enforce-version: "latest" + audit: "{{ .podSecurityStandard.audit }}" + audit-version: "latest" + warn: "{{ .podSecurityStandard.warn }}" + warn-version: "latest" + exemptions: + usernames: [] + runtimeClasses: [] + namespaces: [kube-system] + path: /etc/kubernetes/kube-apiserver-admission-pss.yaml + selector: + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlaneTemplate + matchResources: + controlPlane: true + description: Adds an admission configuration for PodSecurity to the kube-apiserver. + enabledIf: '{{ .podSecurityStandard.enabled }}' + name: podSecurityStandard + variables: + - name: imageRepository + required: true + schema: + openAPIV3Schema: + default: "" + description: imageRepository sets the container registry to pull images from. If empty, nothing will be set and the from of kubeadm will be used. 
+ example: registry.k8s.io + type: string + - name: etcdImageTag + required: true + schema: + openAPIV3Schema: + default: "" + description: etcdImageTag sets the tag for the etcd image. + example: 3.5.3-0 + type: string + - name: coreDNSImageTag + required: true + schema: + openAPIV3Schema: + default: "" + description: coreDNSImageTag sets the tag for the coreDNS image. + example: v1.8.5 + type: string + - name: podSecurityStandard + required: false + schema: + openAPIV3Schema: + properties: + audit: + default: restricted + description: audit sets the level for the audit PodSecurityConfiguration mode. One of privileged, baseline, restricted. + type: string + enabled: + default: true + description: enabled enables the patches to enable Pod Security Standard via AdmissionConfiguration. + type: boolean + enforce: + default: baseline + description: enforce sets the level for the enforce PodSecurityConfiguration mode. One of privileged, baseline, restricted. + type: string + warn: + default: restricted + description: warn sets the level for the warn PodSecurityConfiguration mode. One of privileged, baseline, restricted. + type: string + type: object + workers: + machineDeployments: + - class: docker-default-worker + template: + bootstrap: + ref: + apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 + kind: KubeadmConfigTemplate + name: docker-default-worker-bootstraptemplate + infrastructure: + ref: + apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 + kind: DockerMachineTemplate + name: docker-default-worker-machinetemplate diff --git a/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_control_plane.yaml b/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_control_plane.yaml index 339b2ab..a8cd3dd 100644 --- a/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_control_plane.yaml +++ b/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_control_plane.yaml 
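Review bot: The description of the `coreDNSImageTag` patch on the new side still reads `Sets tag to use for the etcd image in the KubeadmControlPlane.`, which looks copied from the `etcdImageTag` patch directly above it. That patch writes `clusterConfiguration/dns`, so the line should read `description: Sets tag to use for the CoreDNS image in the KubeadmControlPlane.`. The re-joined `imageRepository` variable description also carries the phrase `the from of kubeadm will be used`, which presumably means `the default of kubeadm will be used`. Both are wording-only fixes; the rest of this hunk appears to be re-indentation and line joining, with no change to the patches or variables.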
@@ -7,7 +7,7 @@ spec:
 template:
 spec:
 extraMounts:
- - containerPath: /var/run/docker.sock
- hostPath: /var/run/docker.sock
- - containerPath: /opt/cni/bin
- hostPath: /opt/cni/bin
+ - containerPath: /var/run/docker.sock
+ hostPath: /var/run/docker.sock
+ - containerPath: /opt/cni/bin
+ hostPath: /opt/cni/bin
diff --git a/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_worker.yaml b/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_worker.yaml
index 13cb94e..2656888 100644
--- a/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_worker.yaml
+++ b/infra/capi/cluster-capi-kind-docker-templates/docker_machine_template_worker.yaml
@@ -7,7 +7,7 @@ spec:
 template:
 spec:
 extraMounts:
- - containerPath: /var/run/docker.sock
- hostPath: /var/run/docker.sock
- - containerPath: /opt/cni/bin
- hostPath: /opt/cni/bin
+ - containerPath: /var/run/docker.sock
+ hostPath: /var/run/docker.sock
+ - containerPath: /opt/cni/bin
+ hostPath: /opt/cni/bin
diff --git a/infra/capi/cluster-capi-kind-docker-templates/kubeadm_controlplane_template.yaml b/infra/capi/cluster-capi-kind-docker-templates/kubeadm_controlplane_template.yaml
index 09bade5..091ee54 100644
--- a/infra/capi/cluster-capi-kind-docker-templates/kubeadm_controlplane_template.yaml
+++ b/infra/capi/cluster-capi-kind-docker-templates/kubeadm_controlplane_template.yaml
@@ -10,10 +10,10 @@ spec:
 clusterConfiguration:
 apiServer:
 certSANs:
- - localhost
- - 127.0.0.1
- - 0.0.0.0
- - host.docker.internal
+ - localhost
+ - 127.0.0.1
+ - 0.0.0.0
+ - host.docker.internal
 controllerManager:
 extraArgs:
 enable-hostpath-provisioner: "true"
diff --git a/infra/capi/cluster-capi-kind/apply-replacements.yaml b/infra/capi/cluster-capi-kind/apply-replacements.yaml
index 476fe83..378b29f 100644
--- a/infra/capi/cluster-capi-kind/apply-replacements.yaml
+++ b/infra/capi/cluster-capi-kind/apply-replacements.yaml
@@ -5,12 +5,12 @@ metadata:
 annotations:
 config.kubernetes.io/local-config: "true"
 replacements:
-- source:
- kind: WorkloadCluster
- name: workload-cluster
- fieldPath: spec.clusterName
- targets:
- - select:
- kind: Cluster
- fieldPaths:
- - metadata.name
+ - source:
+ kind: WorkloadCluster
+ name: workload-cluster
+ fieldPath: spec.clusterName
+ targets:
+ - select:
+ kind: Cluster
+ fieldPaths:
+ - metadata.name
diff --git a/infra/capi/cluster-capi-kind/cluster.yaml b/infra/capi/cluster-capi-kind/cluster.yaml
index 23f0da3..021c604 100644
--- a/infra/capi/cluster-capi-kind/cluster.yaml
+++ b/infra/capi/cluster-capi-kind/cluster.yaml
@@ -7,32 +7,32 @@ spec:
 clusterNetwork:
 pods:
 cidrBlocks:
- - 192.168.0.0/16
+ - 192.168.0.0/16
 serviceDomain: cluster.local
 services:
 cidrBlocks:
- - 10.128.0.0/12
+ - 10.128.0.0/12
 topology:
 class: docker
 controlPlane:
 metadata: {}
 replicas: 1
 variables:
- - name: imageRepository
- value: ""
- - name: etcdImageTag
- value: ""
- - name: coreDNSImageTag
- value: ""
- - name: podSecurityStandard
- value:
- audit: restricted
- enabled: true
- enforce: baseline
- warn: restricted
+ - name: imageRepository
+ value: ""
+ - name: etcdImageTag
+ value: ""
+ - name: coreDNSImageTag
+ value: ""
+ - name: podSecurityStandard
+ value:
+ audit: restricted
+ enabled: true
+ enforce: baseline
+ warn: restricted
 version: v1.26.3
 workers:
 machineDeployments:
- - class: docker-default-worker
- name: md-0
- replicas: 1
+ - class: docker-default-worker
+ name: md-0
+ replicas: 1
diff --git a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml
index df30fef..ada4e61 100644
--- a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml
+++ b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml
@@ -31,3118 +31,2190 @@ spec: namespace: capi-kubeadm-bootstrap-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: bootstrap.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: KubeadmConfig listKind: KubeadmConfigList plural: kubeadmconfigs singular: kubeadmconfig scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be defined - or the JoinConfiguration should be defined. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration are - the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API server - control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. 
- items: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. 
+ items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear type: string - type: array - extraArgs: - additionalProperties: + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. 
In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' + type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 
type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. 
type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout that - we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or look - for all required certificates. NB: if not provided, this will - default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address or - DNS name for the control plane; it can be a valid IP address - or a RFC-1123 DNS subdomain, both with optional TCP port. In - case the ControlPlaneEndpoint is not specified, the AdvertiseAddress - + BindPort are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible usages - are: e.g. In a cluster with more than one control plane instances, - this field should be assigned the address of the external load - balancer in front of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint could - be used for assigning a stable DNS to the control plane. NB: - This value defaults to the first value in the Cluster object - status.apiEndpoints array.' 
- type: string - controllerManager: - description: ControllerManager contains extra settings for the - controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 
type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry to - pull images from. if not set, the ImageRepository defined - in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the image. - In case this value is set, kubeadm does not change automatically - the version of the above components during upgrades. - type: string - type: - description: Type defines the DNS add-on to be used - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This value - defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority file - used to secure etcd communication. Required if using - a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. 
If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file used - to secure etcd communication. Required if using a TLS - connection. 
+ description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should be used for Kubernetes components instead of their respective separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. 
+ filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided to - the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. 
+ type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". 
+ type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. 
+ groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry to pull - images from. If empty, `k8s.gcr.io` will be used by default; - in case of kubernetes version is a CI build (kubernetes version - starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and for - kube-proxy, while `k8s.gcr.io` will be used for all the other - images. - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the control - plane. 
NB: This value defaults to the Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the Cluster - object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If unset, - the API server will not allocate CIDR ranges for every node. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.services.cidrBlocks if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" - if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. 
- type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - useHyperKubeImage: - description: UseHyperKubeImage controls if hyperkube should be - used for Kubernetes components instead of their respective separate - images - type: boolean - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems to - setup. - items: - description: Filesystem defines the file systems to be created. + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: - device: - description: Device specifies the device name - type: string - extraOpts: - description: ExtraOpts defined extra options to add to the - command for creating the file system. - items: - type: string - type: array - filesystem: - description: Filesystem specifies the file system type. 
- type: string - label: - description: Label specifies the file system label to be - used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. - The valid options are: "auto|any", "auto", "any", "none", - and , where NUM is the actual partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, used for - Microsoft Azure that instructs cloud-init to replace a - file system of . NOTE: unless you define a label, - this requires the use of the ''any'' partition directive.' + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer required: - - device - - filesystem - - label + - advertiseAddress + - bindPort type: object - type: array - partitions: - description: Partitions specifies the list of the partitions to - setup. - items: - description: Partition defines how to create and layout a partition. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device is the name of the device. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. 
When layout is false, it means don't partition - or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. 
The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files in - cloud-init. + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content to - populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. 
+ properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that should populate - this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's data map - for this value. + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. 
type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean required: - - key - - name + - token + - unsafeSkipCAVerification type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: 'TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information TODO: revisit when there is defaulting from k/k' + type: string type: object - encoding: - description: Encoding specifies the encoding of the file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, e.g. - "root:root". + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - path: - description: Path specifies the full path on disk where to store - the file. - type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. 
"0640". - type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration are - the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` time - and describes a set of Bootstrap Tokens to create. This information - IS NOT uploaded to the kubeadm cluster configmap, partly because - of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, stored - as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message why - this token exists and what it's used for, so other administrators - can know its purpose. - type: string - expires: - description: Expires specifies the timestamp when this token - expires. Defaults to being set dynamically at runtime - based on the TTL. Expires and TTL are mutually exclusive. - format: date-time + criSocket: + description: CRISocket is used to retrieve container runtime info. 
This information will be annotated to the Node API object, for later re-use type: string - groups: - description: Groups specifies the extra groups that this - token will authenticate as when/if used for authentication - items: + kubeletExtraArgs: + additionalProperties: type: string - type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which this token - can be used. Can by default be used for establishing bidirectional - trust, but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' 
items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object - type: array - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. 
+ items: + type: string + type: array + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the API - server instance that's deployed on this control plane node In - HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to each - individual API server. This configuration object lets you customize - what IP/DNS name and port the local API server advertises it's - accessible on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in case that process - fails you may set the desired value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. 
properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for the - API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the API Server - to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node API - object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. - type: object + homeDir: + description: HomeDir specifies the home directory to use for the user + type: string + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. 
This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user + type: string + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. - This field is solely used for Node registration.' + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. 
- type: string - required: - - effect - - key - type: object + type: string type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for the - join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate authority - used to secure comunications between node and control-plane. - Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when - there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no additional - control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance to be deployed on this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when there - is defaulting from k/k' + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. 
+ format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + bootstrapData: + description: "BootstrapData will be a cloud-init script for now. \n Deprecated: Switch to DataSecretName." + format: byte + type: string + conditions: + description: Conditions defines current service state of the KubeadmConfig. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrapToken: - description: BootstrapToken is used to set the options for - bootstrap token based discovery BootstrapToken and File - are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain name - to the API server from which info will be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of public key - pins to verify when token-based discovery is used. The - root CA found during discovery must match one of these - values. Specifying an empty set disables root CA pinning, - which can be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject Public - Key Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. 
- type: boolean - required: - - token - - unsafeSkipCAVerification - type: object - file: - description: File is used to specify a file or URL to a kubeconfig - file from which to load cluster information BootstrapToken - and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the actual - file path or URL to the kubeconfig file from which to - load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - tlsBootstrapToken: - description: 'TLSBootstrapToken is a token used for TLS bootstrapping. - If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain any - other authentication information TODO: revisit when there - is defaulting from k/k' + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. 
When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node API - object, for later re-use + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. 
- This field is solely used for Node registration.' - items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. - type: string - required: - - effect - - key - type: object - type: array + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts in cloud-init. - items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run after - kubeadm runs - items: + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. 
type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run before - kubeadm runs - items: + failureMessage: + description: FailureMessage will be set on non-retryable errors type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm command - with a shell script with retries for joins. \n This is meant to - be an experimental temporary workaround on some environments where - joins fail due to timing (and other issues). The long term goal - is to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in cloud-init. - properties: - gecos: - description: Gecos specifies the gecos to use for the user - type: string - groups: - description: Groups specifies the additional groups for the - user - type: string - homeDir: - description: HomeDir specifies the home directory to use for - the user - type: string - inactive: - description: Inactive specifies whether to mark the user as - inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for the user - type: string - primaryGroup: - description: PrimaryGroup specifies the primary group for the - user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string 
- required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level verbosity. - It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - status: - description: KubeadmConfigStatus defines the observed state of KubeadmConfig. - properties: - bootstrapData: - description: "BootstrapData will be a cloud-init script for now. \n - Deprecated: Switch to DataSecretName." - format: byte - type: string - conditions: - description: Conditions defines current service state of the KubeadmConfig. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be consumed + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. 
+ items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - status: - description: Status of the condition, one of True, False, Unknown. + clusterName: + description: The cluster name type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' type: string - required: - - status - - type - type: object - type: array - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. - type: string - failureMessage: - description: FailureMessage will be set on non-retryable errors - type: string - failureReason: - description: FailureReason will be set on non-retryable errors - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. 
- format: int64 - type: integer - ready: - description: Ready indicates the BootstrapData field is ready to be - consumed - type: boolean - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmConfig - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "KubeadmConfig is the Schema for the kubeadmconfigs API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be defined - or the JoinConfiguration should be defined. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration are - the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API server - control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. 
- items: + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' 
- type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout that - we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. 
Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or look - for all required certificates. NB: if not provided, this will - default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address or - DNS name for the control plane; it can be a valid IP address - or a RFC-1123 DNS subdomain, both with optional TCP port. In - case the ControlPlaneEndpoint is not specified, the AdvertiseAddress - + BindPort are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible usages - are: e.g. In a cluster with more than one control plane instances, - this field should be assigned the address of the external load - balancer in front of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint could - be used for assigning a stable DNS to the control plane. NB: - This value defaults to the first value in the Cluster object - status.apiEndpoints array.' - type: string - controllerManager: - description: ControllerManager contains extra settings for the - controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. 
- items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry to - pull images from. 
if not set, the ImageRepository defined - in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the image. - In case this value is set, kubeadm does not change automatically - the version of the above components during upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This value - defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority file - used to secure etcd communication. Required if using - a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' 
+ properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file used - to secure etcd communication. Required if using a TLS - connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' 
type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided to - the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. 
+ properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry to pull - images from. 
If empty, `registry.k8s.io` will be used by default; - in case of kubernetes version is a CI build (kubernetes version - starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and for - kube-proxy, while `registry.k8s.io` will be used for all the - other images. - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the control - plane. NB: This value defaults to the Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the Cluster - object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If unset, - the API server will not allocate CIDR ranges for every node. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.services.cidrBlocks if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" - if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. 
- type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems to - setup. - items: - description: Filesystem defines the file systems to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options to add to the - command for creating the file system. + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system type. - type: string - label: - description: Label specifies the file system label to be - used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. 
- The valid options are: "auto|any", "auto", "any", "none", - and , where NUM is the actual partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, used for - Microsoft Azure that instructs cloud-init to replace a - file system of . NOTE: unless you define a label, - this requires the use of the ''any'' partition directive.' - type: string - required: - - device - - filesystem - - label - type: object - type: array - partitions: - description: Partitions specifies the list of the partitions to - setup. - items: - description: Partition defines how to create and layout a partition. - properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. When layout is false, it means don't partition - or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files in - cloud-init. + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the file. 
+ apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content to - populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that should populate - this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's data map - for this value. + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. 
+ type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean + required: + - token + type: object + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information type: string required: - - key - - name + - kubeConfigPath type: object - required: - - secret + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. 
If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, e.g. - "root:root". - type: string - path: - description: Path specifies the full path on disk where to store - the file. + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. "0640". - type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration are - the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` time - and describes a set of Bootstrap Tokens to create. This information - IS NOT uploaded to the kubeadm cluster configmap, partly because - of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, stored - as a Secret in the cluster. 
+ nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message why - this token exists and what it's used for, so other administrators - can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when this token - expires. Defaults to being set dynamically at runtime - based on the TTL. Expires and TTL are mutually exclusive. - format: date-time - type: string - groups: - description: Groups specifies the extra groups that this - token will authenticate as when/if used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which this token - can be used. Can by default be used for establishing bidirectional - trust, but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. 
+ items: + type: string type: array - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the API - server instance that's deployed on this control plane node In - HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to each - individual API server. This configuration object lets you customize - what IP/DNS name and port the local API server advertises it's - accessible on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in case that process - fails you may set the desired value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. 
\n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for the - API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the API Server - to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node API - object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. 
- type: object + homeDir: + description: HomeDir specifies the home directory to use for the user + type: string + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. - This field is solely used for Node registration.' - items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. 
- type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for the - join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate authority - used to secure comunications between node and control-plane. - Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when - there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no additional - control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance to be deployed on this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when there - is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options for - bootstrap token based discovery BootstrapToken and File - are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain name - to the API server from which info will be fetched. 
- type: string - caCertHashes: - description: 'CACertHashes specifies a set of public key - pins to verify when token-based discovery is used. The - root CA found during discovery must match one of these - values. Specifying an empty set disables root CA pinning, - which can be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject Public - Key Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL to a kubeconfig - file from which to load cluster information BootstrapToken - and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the actual - file path or URL to the kubeconfig file from which to - load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + passwd: + description: Passwd specifies a hashed password for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS bootstrapping. - If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. 
If .File is set, this field **must - be set** in case the KubeConfigFile does not contain any - other authentication information + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node API - object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. 
- type: object - name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + sudo: + description: Sudo specifies a sudo role for the user type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: {}` in the YAML file. - This field is solely used for Node registration.' - items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. - type: string - required: - - effect - - key - type: object - type: array + required: + - name type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts in cloud-init. + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. 
+ format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + conditions: + description: Conditions defines current service state of the KubeadmConfig. items: - type: string + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - status + - type + type: object type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run after - kubeadm runs - items: + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run before - kubeadm runs - items: + failureMessage: + description: FailureMessage will be set on non-retryable errors type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm command - with a shell script with retries for joins. \n This is meant to - be an experimental temporary workaround on some environments where - joins fail due to timing (and other issues). The long term goal - is to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in cloud-init. 
- properties: - gecos: - description: Gecos specifies the gecos to use for the user - type: string - groups: - description: Groups specifies the additional groups for the - user - type: string - homeDir: - description: HomeDir specifies the home directory to use for - the user - type: string - inactive: - description: Inactive specifies whether to mark the user as - inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for the user - type: string - primaryGroup: - description: PrimaryGroup specifies the primary group for the - user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level verbosity. - It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - status: - description: KubeadmConfigStatus defines the observed state of KubeadmConfig. - properties: - conditions: - description: Conditions defines current service state of the KubeadmConfig. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. 
+ format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be consumed + type: boolean + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: Time duration since creation of KubeadmConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmConfig is the Schema for the kubeadmconfigs API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - status: - description: Status of the condition, one of True, False, Unknown. + clusterName: + description: The cluster name type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' 
type: string - required: - - status - - type - type: object - type: array - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. - type: string - failureMessage: - description: FailureMessage will be set on non-retryable errors - type: string - failureReason: - description: FailureReason will be set on non-retryable errors - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready indicates the BootstrapData field is ready to be - consumed - type: boolean - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - - description: Time duration since creation of KubeadmConfig - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: KubeadmConfig is the Schema for the kubeadmconfigs API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. 
- Either ClusterConfiguration and InitConfiguration should be defined - or the JoinConfiguration should be defined. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration are - the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API server - control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. - items: + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. 
if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. 
type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout that - we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or look - for all required certificates. NB: if not provided, this will - default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address or - DNS name for the control plane; it can be a valid IP address - or a RFC-1123 DNS subdomain, both with optional TCP port. In - case the ControlPlaneEndpoint is not specified, the AdvertiseAddress - + BindPort are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible usages - are: e.g. In a cluster with more than one control plane instances, - this field should be assigned the address of the external load - balancer in front of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint could - be used for assigning a stable DNS to the control plane. NB: - This value defaults to the first value in the Cluster object - status.apiEndpoints array.' 
- type: string - controllerManager: - description: ControllerManager contains extra settings for the - controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 
type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry to - pull images from. if not set, the ImageRepository defined - in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the image. - In case this value is set, kubeadm does not change automatically - the version of the above components during upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This value - defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority file - used to secure etcd communication. Required if using - a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: 'ImageRepository sets the container registry to pull images from. * If not set, the default registry of kubeadm will be used, i.e. 
* registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions Please note that when imageRepository is not set we don''t allow upgrades to versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use a newer patch version with the new registry instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images.' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. 
+ type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file used - to secure etcd communication. Required if using a TLS - connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. 
items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided to - the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. 
+ type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + append: + description: Append specifies whether to append Content to existing file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. 
+ type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. + properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. + properties: + additionalConfig: + description: "AdditionalConfig contains additional configuration to be merged with the Ignition configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + type: string + strict: + description: Strict controls if AdditionalConfig should be strictly parsed. If so, warnings are treated as errors. + type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: 'ImageRepository sets the container registry to pull - images from. * If not set, the default registry of kubeadm will - be used, i.e. 
* registry.k8s.io (new registry): >= v1.22.17, - >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): - all older versions Please note that when imageRepository is - not set we don''t allow upgrades to versions >= v1.22.0 which - use the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead (i.e. >= v1.22.17, >= - v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI - build (kubernetes version starts with `ci/` or `ci-cross/`) - `gcr.io/k8s-staging-ci-images` will be used as a default for - control plane components and for kube-proxy, while `registry.k8s.io` - will be used for all the other images.' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the control - plane. NB: This value defaults to the Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the Cluster - object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If unset, - the API server will not allocate CIDR ranges for every node. - Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.services.cidrBlocks if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. 
- Defaults to a comma-delimited string of the Cluster object's - spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" - if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags to pass to - the control plane component. TODO: This is temporary and - ideally we would like to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. 
- properties: - hostPath: - description: HostPath is the path in the host that will - be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod where - hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems to - setup. - items: - description: Filesystem defines the file systems to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options to add to the - command for creating the file system. + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system type. 
- type: string - label: - description: Label specifies the file system label to be - used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing file - system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. - The valid options are: "auto|any", "auto", "any", "none", - and , where NUM is the actual partition number.' + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - replaceFS: - description: 'ReplaceFS is a special directive, used for - Microsoft Azure that instructs cloud-init to replace a - file system of . NOTE: unless you define a label, - this requires the use of the ''any'' partition directive.' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. 
type: string - required: - - device - - filesystem - - label + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - partitions: - description: Partitions specifies the list of the partitions to - setup. - items: - description: Partition defines how to create and layout a partition. + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. If it is - true, a single partition will be created for the entire - device. When layout is false, it means don't partition - or ignore existing partitioning. 
- type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default and - setups a MS-DOS partition table ''gpt'': setups a GPT - partition table' + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string - required: - - device - - layout type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files in - cloud-init. + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - append: - description: Append specifies whether to append Content to existing - file if Path exists. 
- type: boolean - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content to - populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that should populate - this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's data map - for this value. 
+ apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean required: - - key - - name + - token type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. 
If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, e.g. - "root:root". - type: string - path: - description: Path specifies the full path on disk where to store - the file. + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. "0640". - type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap data - enum: - - cloud-config - - ignition - type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific configuration. - properties: - additionalConfig: - description: "AdditionalConfig contains additional configuration - to be merged with the Ignition configuration generated by - the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig should be - strictly parsed. If so, warnings are treated as errors. 
- type: boolean - type: object - type: object - initConfiguration: - description: InitConfiguration along with ClusterConfiguration are - the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` time - and describes a set of Bootstrap Tokens to create. This information - IS NOT uploaded to the kubeadm cluster configmap, partly because - of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, stored - as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message why - this token exists and what it's used for, so other administrators - can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when this token - expires. Defaults to being set dynamically at runtime - based on the TTL. Expires and TTL are mutually exclusive. 
- format: date-time - type: string - groups: - description: Groups specifies the extra groups that this - token will authenticate as when/if used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which this token - can be used. Can by default be used for establishing bidirectional - trust, but that can be changed here. 
+ taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. 
These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the API - server instance that's deployed on this control plane node In - HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to each - individual API server. 
This configuration object lets you customize - what IP/DNS name and port the local API server advertises it's - accessible on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in case that process - fails you may set the desired value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. \n Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for the - API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the API Server - to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. 
This information will be annotated to the Node API - object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. 
+ description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user + type: string + passwdFrom: + description: PasswdFrom is a referenced source of passwd to populate the passwd. + properties: + secret: + description: Secret represents a secret that should populate this password. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. - nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. - This field is solely used for Node registration.' + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. 
- type: string - required: - - effect - - key - type: object + type: string type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm init". The - minimum kubernetes version needed to support Patches is v1.22 + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + status: + description: KubeadmConfigStatus defines the observed state of KubeadmConfig. + properties: + conditions: + description: Conditions defines current service state of the KubeadmConfig. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for the - join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate authority - used to secure comunications between node and control-plane. - Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when - there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no additional - control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance to be deployed on this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. 
- format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when there - is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options for - bootstrap token based discovery BootstrapToken and File - are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain name - to the API server from which info will be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of public key - pins to verify when token-based discovery is used. The - root CA found during discovery must match one of these - values. Specifying an empty set disables root CA pinning, - which can be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject Public - Key Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. 
- type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL to a kubeconfig - file from which to load cluster information BootstrapToken - and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the actual - file path or URL to the kubeconfig file from which to - load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout - type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS bootstrapping. - If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain any - other authentication information + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - type: object - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to registering - the new control-plane node to the cluster. When used in the - context of control plane nodes, NodeRegistration should remain - consistent across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node API - object, for later re-use + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. 
This field may not be empty. type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of pre-flight - errors to be ignored when the current node is registered. - items: - type: string - type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for image - pulling during kubeadm "init" and "join" operations. The - value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the kubelet - command line via the environment file kubeadm writes at - runtime for the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X ConfigMap - Flags have higher priority when parsing. These values are - local and specific to the node kubeadm is executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of the Node - API object that will be created in this `kubeadm init` or - `kubeadm join` operation. This field is also used in the - CommonName field of the kubelet's client certificate to - the API server. Defaults to the hostname of the node if - not provided. + status: + description: Status of the condition, one of True, False, Unknown. type: string - taints: - description: 'Taints specifies the taints the Node API object - should be registered with. If this field is unset, i.e. 
- nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. If - you don''t want to taint your control-plane node, set this - field to an empty slice, i.e. `taints: []` in the YAML file. - This field is solely used for Node registration.' - items: - description: The node this Taint is attached to has the - "effect" on any pod that does not tolerate the Taint. - properties: - effect: - description: Required. The effect of the taint on pods - that do not tolerate the taint. Valid effects are - NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied to - a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the taint - key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying patches - to components deployed by kubeadm during "kubeadm join". The - minimum kubernetes version needed to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". For - example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". "extension" - must be either "json" or "yaml". "suffix" is an optional - string that can be used to determine which patches are applied - first alpha-numerically. 
These files can be written into - the target directory via KubeadmConfig.Files which specifies - additional files to be created on the machine, either with - content inline or by referencing a secret. + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string + required: + - lastTransitionTime + - status + - type type: object - skipPhases: - description: SkipPhases is a list of phases to skip during command - execution. The list of phases can be obtained with the "kubeadm - init --help" command. This option takes effect only on Kubernetes - >=1.22.0. - items: - type: string - type: array - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts in cloud-init. - items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run after - kubeadm runs - items: + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run before - kubeadm runs - items: + failureMessage: + description: FailureMessage will be set on non-retryable errors type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm command - with a shell script with retries for joins. 
\n This is meant to - be an experimental temporary workaround on some environments where - joins fail due to timing (and other issues). The long term goal - is to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more information, - refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed and this - field will be removed in a future release. When removing also remove - from staticcheck exclude-rules for SA1019 in golangci.yml" - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in cloud-init. - properties: - gecos: - description: Gecos specifies the gecos to use for the user - type: string - groups: - description: Groups specifies the additional groups for the - user - type: string - homeDir: - description: HomeDir specifies the home directory to use for - the user - type: string - inactive: - description: Inactive specifies whether to mark the user as - inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for the user - type: string - passwdFrom: - description: PasswdFrom is a referenced source of passwd to - populate the passwd. - properties: - secret: - description: Secret represents a secret that should populate - this password. - properties: - key: - description: Key is the key in the secret's data map - for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. 
- type: string - required: - - key - - name - type: object - required: - - secret - type: object - primaryGroup: - description: PrimaryGroup specifies the primary group for the - user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level verbosity. - It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - status: - description: KubeadmConfigStatus defines the observed state of KubeadmConfig. - properties: - conditions: - description: Conditions defines current service state of the KubeadmConfig. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. 
- type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. - type: string - failureMessage: - description: FailureMessage will be set on non-retryable errors - type: string - failureReason: - description: FailureReason will be set on non-retryable errors - type: string - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready indicates the BootstrapData field is ready to be - consumed - type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be consumed + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" 
@@ -3174,3130 +2246,2074 @@ spec: namespace: capi-kubeadm-bootstrap-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: bootstrap.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: KubeadmConfigTemplate listKind: KubeadmConfigTemplateList plural: kubeadmconfigtemplates singular: kubeadmconfigtemplate scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. - properties: - template: - description: KubeadmConfigTemplateResource defines the Template structure. - properties: - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be - defined or the JoinConfiguration should be defined. 
- properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the - API server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative - Names for the API Server signing cert. - items: + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. + properties: + template: + description: KubeadmConfigTemplateResource defines the Template structure. + properties: + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. 
+ properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear type: string - type: array - extraArgs: - additionalProperties: + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' + type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. 
+ type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. 
- type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod - template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid - IP address or a RFC-1123 DNS subdomain, both with optional - TCP port. 
In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the - ControlPlaneEndpoint is specified but without a TCP - port, the BindPort is used. Possible usages are: e.g. - In a cluster with more than one control plane instances, - this field should be assigned the address of the external - load balancer in front of the control plane instances. - e.g. in environments with enforced node recycling, - the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings - for the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. 
+ type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - name: - description: Name of the volume inside the pod - template. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on - installed in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. - type: string - type: - description: Type defines the DNS add-on to be used - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. 
NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to - an external etcd cluster Local and External are - mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. 
Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. Required - if using a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should be used for Kubernetes components instead of their respective separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required - for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to - secure etcd communication. Required if using - a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' 
type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for - configuring the local etcd instance Local and External - are mutually exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will - place its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static - pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. 
+ properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject - Alternative Names for the etcd server signing - cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. 
If empty, `k8s.gcr.io` will be - used by default; in case of kubernetes version is a - CI build (kubernetes version starts with `ci/` or `ci-cross/`) - `gcr.io/k8s-staging-ci-images` will be used as a default - for control plane components and for kube-proxy, while - `k8s.gcr.io` will be used for all the other images. - type: string - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to the - Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to - the Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s - services. Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s - services. Defaults to a comma-delimited string of - the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the - scheduler control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + type: string + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. + type: string + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. 
+ type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array + type: object + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod - template. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. 
+ format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string - pathType: - description: PathType is the type of the HostPath. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. type: string - readOnly: - description: ReadOnly controls write access - to the volume + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. 
type: boolean required: - - hostPath - - mountPath - - name + - token + - unsafeSkipCAVerification type: object - type: array - type: object - useHyperKubeImage: - description: UseHyperKubeImage controls if hyperkube should - be used for Kubernetes components instead of their respective - separate images - type: boolean - type: object - diskSetup: - description: DiskSetup specifies options for the creation - of partition tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to - be created. - properties: - device: - description: Device specifies the device name - type: string - extraOpts: - description: ExtraOpts defined extra options to - add to the command for creating the file system. - items: - type: string - type: array - filesystem: - description: Filesystem specifies the file system - type. - type: string - label: - description: Label specifies the file system label - to be used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. - type: boolean - partition: - description: 'Partition specifies the partition - to use. The valid options are: "auto|any", "auto", - "any", "none", and , where NUM is the actual - partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: unless - you define a label, this requires the use of the - ''any'' partition directive.' - type: string - required: - - device - - filesystem - - label - type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. 
- properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' - type: string - required: - - device - - layout - type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. - properties: - content: - description: Content is the actual content of the file. - type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. - properties: - secret: - description: Secret represents a secret that should - populate this file. + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's - data map for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. 
+ kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information type: string required: - - key - - name + - kubeConfigPath type: object - required: - - secret + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: 'TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information TODO: revisit when there is defaulting from k/k' + type: string type: object - encoding: - description: Encoding specifies the encoding of the - file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - path: - description: Path specifies the full path on disk where - to store the file. - type: string - permissions: - description: Permissions specifies the permissions to - assign to the file, e.g. "0640". - type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. 
Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens to - create. This information IS NOT uploaded to the kubeadm - cluster configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap - token, stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, - so other administrators can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when - this token expires. Defaults to being set dynamically - at runtime based on the TTL. Expires and TTL are - mutually exclusive. - format: date-time - type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for - authentication - items: + kubeletExtraArgs: + additionalProperties: type: string - type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for - joining nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this - token. Defaults to 24h. Expires and TTL are mutually - exclusive. 
+ description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which - this token can be used. Can by default be used - for establishing bidirectional trust, but that - can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. 
+ type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this control - plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global - endpoint for the cluster, which then loadbalances the - requests to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible on. - By default, kubeadm tries to auto-detect the IP of the - default interface and use that, but in case that process - fails you may set the desired value here. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. 
- When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use - type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' - items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. 
- properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration - for the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. If - nil, no additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this - node. 
- properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - type: object - discovery: - description: 'Discovery specifies the options for the - kubelet to use during the TLS Bootstrap process TODO: - revisit when there is defaulting from k/k' + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken - and File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will - be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of - public key pins to verify when token-based discovery - is used. The root CA found during discovery - must match one of these values. Specifying an - empty set disables root CA pinning, which can - be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". 
- This is a hex-encoded SHA-256 hash of the Subject - Public Key Info (SPKI) object in DER-encoded - ASN.1. These hashes can be calculated using, - for example, OpenSSL: openssl x509 -pubkey -in - ca.crt openssl rsa -pubin -outform der 2>&/dev/null - | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate - cluster information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since - other nodes can impersonate the control-plane. - type: boolean - required: - - token - - unsafeSkipCAVerification - type: object - file: - description: File is used to specify a file or URL - to a kubeconfig file from which to load cluster - information BootstrapToken and File are mutually - exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify - the actual file path or URL to the kubeconfig - file from which to load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + gecos: + description: Gecos specifies the gecos to use for the user type: string - tlsBootstrapToken: - description: 'TLSBootstrapToken is a token used for - TLS bootstrapping. If .BootstrapToken is set, this - field is defaulted to .BootstrapToken.Token, but - can be overridden. If .File is set, this field **must - be set** in case the KubeConfigFile does not contain - any other authentication information TODO: revisit - when there is defaulting from k/k' + groups: + description: Groups specifies the additional groups for the user type: string - type: object - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. 
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. 
If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' + primaryGroup: + description: PrimaryGroup specifies the primary group for the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. - properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. - type: string - required: - - effect - - key - type: object + type: string type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be - setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. 
- items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands - to run after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to - run before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and - use that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user - in cloud-init. + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + type: object + required: + - template + type: object + type: object + served: false + storage: false + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmConfigTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates API. \n Deprecated: This type will be removed in one of the next releases." 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. + properties: + template: + description: KubeadmConfigTemplateResource defines the Template structure. + properties: + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. 
+ properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command properties: - gecos: - description: Gecos specifies the gecos to use for the - user - type: string - groups: - description: Groups specifies the additional groups - for the user - type: string - homeDir: - description: HomeDir specifies the home directory to - use for the user - type: string - inactive: - description: Inactive specifies whether to mark the - user as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login - should be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for - the user + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - primaryGroup: - description: PrimaryGroup specifies the primary group - for the user + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - shell: - description: Shell specifies the user's shell + clusterName: + description: The cluster name type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh - authorized keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. 
in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - type: object - required: - - template - type: object - type: object - served: false - storage: false - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmConfigTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. - properties: - template: - description: KubeadmConfigTemplateResource defines the Template structure. - properties: - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. 
- Either ClusterConfiguration and InitConfiguration should be - defined or the JoinConfiguration should be defined. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the - API server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative - Names for the API Server signing cert. - items: + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. 
if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod - template. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. 
- type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid - IP address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the - ControlPlaneEndpoint is specified but without a TCP - port, the BindPort is used. Possible usages are: e.g. - In a cluster with more than one control plane instances, - this field should be assigned the address of the external - load balancer in front of the control plane instances. - e.g. in environments with enforced node recycling, - the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
- type: string - controllerManager: - description: ControllerManager contains extra settings - for the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - name: - description: Name of the volume inside the pod - template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 
type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on - installed in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to - an external etcd cluster Local and External are - mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. 
If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. Required - if using a TLS connection. 
+ description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required - for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to - secure etcd communication. Required if using - a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. 
+ type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for - configuring the local etcd instance Local and External - are mutually exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will - place its data. Defaults to "/var/lib/etcd". - type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static - pod. - type: object - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. + device: + description: Device is the name of the device. type: string - imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. 
When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. - items: - type: string - type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject - Alternative Names for the etcd server signing - cert. - items: - type: string - type: array + required: + - device + - layout type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. If empty, `registry.k8s.io` will - be used by default; in case of kubernetes version is - a CI build (kubernetes version starts with `ci/` or - `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be - used as a default for control plane components and for - kube-proxy, while `registry.k8s.io` will be used for - all the other images. - type: string - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. 
NB: This value defaults to the - Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to - the Cluster object spec.clusterNetwork.' + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s - services. Defaults to "cluster.local". + content: + description: Content is the actual content of the file. type: string - podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s - services. Defaults to a comma-delimited string of - the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. + path: + description: Path specifies the full path on disk where to store the file. 
type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path type: object - scheduler: - description: Scheduler contains extra settings for the - scheduler control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod - template. + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. 
This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + type: string + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time + type: string + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication + items: type: string - pathType: - description: PathType is the type of the HostPath. + type: array + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. + items: type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation - of partition tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to - be created. 
+ type: array + required: + - token + type: object + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: - device: - description: Device specifies the device name - type: string - extraOpts: - description: ExtraOpts defined extra options to - add to the command for creating the file system. - items: - type: string - type: array - filesystem: - description: Filesystem specifies the file system - type. - type: string - label: - description: Label specifies the file system label - to be used. If set to None, no label is used. + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. - type: boolean - partition: - description: 'Partition specifies the partition - to use. The valid options are: "auto|any", "auto", - "any", "none", and , where NUM is the actual - partition number.' 
- type: string - replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: unless - you define a label, this requires the use of the - ''any'' partition directive.' - type: string - required: - - device - - filesystem - - label + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device is the name of the device. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. 
+ items: + type: string + type: array + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. 
+ type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. properties: - secret: - description: Secret represents a secret that should - populate this file. + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. properties: - key: - description: Key is the key in the secret's - data map for this value. + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. 
+ bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. 
+ type: boolean required: - - key - - name + - token type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the - file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk where - to store the file. + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - permissions: - description: Permissions specifies the permissions to - assign to the file, e.g. "0640". 
- type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens to - create. This information IS NOT uploaded to the kubeadm - cluster configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap - token, stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, - so other administrators can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when - this token expires. Defaults to being set dynamically - at runtime based on the TTL. Expires and TTL are - mutually exclusive. 
- format: date-time - type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for - authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for - joining nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this - token. Defaults to 24h. Expires and TTL are mutually - exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which - this token can be used. Can by default be used - for establishing bidirectional trust, but that - can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. 
`taints: {}` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this control - plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global - endpoint for the cluster, which then loadbalances the - requests to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible on. - By default, kubeadm tries to auto-detect the IP of the - default interface and use that, but in case that process - fails you may set the desired value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 
+ type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice - of pre-flight errors to be ignored when the current - node is registered. - items: - type: string - type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. 
- type: object + homeDir: + description: HomeDir specifies the home directory to use for the user + type: string + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' - items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. - properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. 
- type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration - for the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. If - nil, no additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this - node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the - kubelet to use during the TLS Bootstrap process TODO: - revisit when there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken - and File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will - be fetched. 
- type: string - caCertHashes: - description: 'CACertHashes specifies a set of - public key pins to verify when token-based discovery - is used. The root CA found during discovery - must match one of these values. Specifying an - empty set disables root CA pinning, which can - be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the Subject - Public Key Info (SPKI) object in DER-encoded - ASN.1. These hashes can be calculated using, - for example, OpenSSL: openssl x509 -pubkey -in - ca.crt openssl rsa -pubin -outform der 2>&/dev/null - | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate - cluster information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since - other nodes can impersonate the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL - to a kubeconfig file from which to load cluster - information BootstrapToken and File are mutually - exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify - the actual file path or URL to the kubeconfig - file from which to load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + passwd: + description: Passwd specifies a hashed password for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for - TLS bootstrapping. If .BootstrapToken is set, this - field is defaulted to .BootstrapToken.Token, but - can be overridden. 
If .File is set, this field **must - be set** in case the KubeConfigFile does not contain - any other authentication information + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - type: object - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice - of pre-flight errors to be ignored when the current - node is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. 
- type: object - name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. + sudo: + description: Sudo specifies a sudo role for the user type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - {}` in the YAML file. This field is solely used - for Node registration.' - items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. - properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. - type: string - required: - - effect - - key - type: object - type: array + required: + - name type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be - setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. 
- items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands - to run after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to - run before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and - use that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user - in cloud-init. + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + type: object + required: + - template + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmConfigTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. + properties: + template: + description: KubeadmConfigTemplateResource defines the Template structure. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: KubeadmConfigSpec defines the desired state of KubeadmConfig. Either ClusterConfiguration and InitConfiguration should be defined or the JoinConfiguration should be defined. 
+ properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command properties: - gecos: - description: Gecos specifies the gecos to use for the - user - type: string - groups: - description: Groups specifies the additional groups - for the user - type: string - homeDir: - description: HomeDir specifies the home directory to - use for the user - type: string - inactive: - description: Inactive specifies whether to mark the - user as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login - should be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for - the user + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - primaryGroup: - description: PrimaryGroup specifies the primary group - for the user + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - shell: - description: Shell specifies the user's shell + clusterName: + description: The cluster name type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh - authorized keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. 
in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - type: object - required: - - template - type: object - type: object - served: false - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmConfigTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate. - properties: - template: - description: KubeadmConfigTemplateResource defines the Template structure. - properties: - metadata: - description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: KubeadmConfigSpec defines the desired state of KubeadmConfig. - Either ClusterConfiguration and InitConfiguration should be - defined or the JoinConfiguration should be defined. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the - API server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative - Names for the API Server signing cert. - items: + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. 
+ items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. 
NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod - template. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. 
NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid - IP address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the - ControlPlaneEndpoint is specified but without a TCP - port, the BindPort is used. Possible usages are: e.g. - In a cluster with more than one control plane instances, - this field should be assigned the address of the external - load balancer in front of the control plane instances. - e.g. in environments with enforced node recycling, - the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings - for the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. 
- type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - name: - description: Name of the volume inside the pod - template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on - installed in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. 
- type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to - an external etcd cluster Local and External are - mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: 'ImageRepository sets the container registry to pull images from. * If not set, the default registry of kubeadm will be used, i.e. * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions Please note that when imageRepository is not set we don''t allow upgrades to versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use a newer patch version with the new registry instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images.' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. 
NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. Required - if using a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required - for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to - secure etcd communication. Required if using - a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' 
type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for - configuring the local etcd instance Local and External - are mutually exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will - place its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static - pod. - type: object - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. 
- items: - type: string - type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject - Alternative Names for the etcd server signing - cert. - items: - type: string - type: array + required: + - device + - layout type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. * registry.k8s.io (new - registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= - v1.25.0 * k8s.gcr.io (old registry): all older versions - Please note that when imageRepository is not set we - don''t allow upgrades to versions >= v1.22.0 which use - the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead (i.e. >= v1.22.17, - >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version - is a CI build (kubernetes version starts with `ci/` - or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will - be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used - for all the other images.' - type: string - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to the - Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to - the Cluster object spec.clusterNetwork.' 
+ type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s - services. Defaults to "cluster.local". + append: + description: Append specifies whether to append Content to existing file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". type: string - podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set + path: + description: Path specifies the full path on disk where to store the file. type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s - services. Defaults to a comma-delimited string of - the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". 
type: string + required: + - path type: object - scheduler: - description: Scheduler contains extra settings for the - scheduler control plane component - properties: - extraArgs: - additionalProperties: + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. + properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. + properties: + additionalConfig: + description: "AdditionalConfig contains additional configuration to be merged with the Ignition configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" type: string - description: 'ExtraArgs is an extra set of flags to - pass to the control plane component. TODO: This - is temporary and ideally we would like to switch - all components to use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host - that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the - pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod - template. + strict: + description: Strict controls if AdditionalConfig should be strictly parsed. If so, warnings are treated as errors. 
+ type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. + type: string + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time + type: string + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication + items: type: string - pathType: - description: PathType is the type of the HostPath. + type: array + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. 
Can by default be used for establishing bidirectional trust, but that can be changed here. + items: type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation - of partition tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to - be created. + type: array + required: + - token + type: object + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: - device: - description: Device specifies the device name + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - extraOpts: - description: ExtraOpts defined extra options to - add to the command for creating the file system. 
+ bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration + properties: + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use + type: string + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system - type. - type: string - label: - description: Label specifies the file system label - to be used. If set to None, no label is used. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - overwrite: - description: Overwrite defines whether or not to - overwrite any existing filesystem. If true, any - pre-existing file system will be destroyed. Use - with Caution. - type: boolean - partition: - description: 'Partition specifies the partition - to use. The valid options are: "auto|any", "auto", - "any", "none", and , where NUM is the actual - partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . 
NOTE: unless - you define a label, this requires the use of the - ''any'' partition directive.' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - filesystem - - label + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. 
+ format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. - If it is true, a single partition will be created - for the entire device. When layout is false, it - means don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip - checks and create the partition if a partition - or filesystem is found on the device. Use with - caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. 
These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string - required: - - device - - layout type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - append: - description: Append specifies whether to append Content - to existing file if Path exists. - type: boolean - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. 
+ properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that should - populate this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's - data map for this value. + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. 
type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean required: - - key - - name + - token type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the - file contents. - enum: - - base64 - - gzip - - gzip+base64 + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk where - to store the file. - type: string - permissions: - description: Permissions specifies the permissions to - assign to the file, e.g. "0640". 
- type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - - ignition - type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific - configuration. - properties: - additionalConfig: - description: "AdditionalConfig contains additional - configuration to be merged with the Ignition configuration - generated by the bootstrapper controller. More info: - https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig should - be strictly parsed. If so, warnings are treated - as errors. - type: boolean - type: object - type: object - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens to - create. This information IS NOT uploaded to the kubeadm - cluster configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap - token, stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, - so other administrators can know its purpose. - type: string - expires: - description: Expires specifies the timestamp when - this token expires. Defaults to being set dynamically - at runtime based on the TTL. Expires and TTL are - mutually exclusive. - format: date-time + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for - authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for - joining nodes in the cluster. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - ttl: - description: TTL defines the time to live for this - token. Defaults to 24h. Expires and TTL are mutually - exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. 
This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which - this token can be used. Can by default be used - for establishing bidirectional trust, but that - can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. 
+ type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this control - plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global - endpoint for the cluster, which then loadbalances the - requests to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible on. - By default, kubeadm tries to auto-detect the IP of the - default interface and use that, but in case that process - fails you may set the desired value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. \n Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. 
When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice - of pre-flight errors to be ignored when the current - node is registered. - items: - type: string - type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and "join" - operations. The value of this field must be one - of "Always", "IfNotPresent" or "Never". Defaults - to "IfNotPresent". This can be used only with Kubernetes - version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. 
The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - []` in the YAML file. This field is solely used - for Node registration.' - items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. - properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. 
- format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - init". The minimum kubernetes version needed to support - Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that - contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just - "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", "etcd". - "patchtype" can be one of "strategic" "merge" or - "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". - "extension" must be either "json" or "yaml". "suffix" - is an optional string that can be used to determine - which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional - files to be created on the machine, either with - content inline or by referencing a secret. + passwd: + description: Passwd specifies a hashed password for the user type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained - with the "kubeadm init --help" command. This option - takes effect only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration - for the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal value, - and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. If - nil, no additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this - node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the - kubelet to use during the TLS Bootstrap process TODO: - revisit when there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken - and File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will - be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of - public key pins to verify when token-based discovery - is used. The root CA found during discovery - must match one of these values. Specifying an - empty set disables root CA pinning, which can - be unsafe. Each hash is specified as ":", - where the only currently supported type is "sha256". 
- This is a hex-encoded SHA-256 hash of the Subject - Public Key Info (SPKI) object in DER-encoded - ASN.1. These hashes can be calculated using, - for example, OpenSSL: openssl x509 -pubkey -in - ca.crt openssl rsa -pubin -outform der 2>&/dev/null - | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate - cluster information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since - other nodes can impersonate the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL - to a kubeconfig file from which to load cluster - information BootstrapToken and File are mutually - exclusive + passwdFrom: + description: PasswdFrom is a referenced source of passwd to populate the passwd. properties: - kubeConfigPath: - description: KubeConfigPath is used to specify - the actual file path or URL to the kubeconfig - file from which to load cluster information - type: string + secret: + description: Secret represents a secret that should populate this password. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object required: - - kubeConfigPath + - secret type: object - timeout: - description: Timeout modifies the discovery timeout + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for - TLS bootstrapping. If .BootstrapToken is set, this - field is defaulted to .BootstrapToken.Token, but - can be overridden. 
If .File is set, this field **must - be set** in case the KubeConfigFile does not contain - any other authentication information - type: string - type: object - kind: - description: 'Kind is a string value representing the - REST resource this object represents. Servers may infer - this from the endpoint the client submits requests to. - Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the cluster. - When used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration - and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice - of pre-flight errors to be ignored when the current - node is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and "join" - operations. The value of this field must be one - of "Always", "IfNotPresent" or "Never". Defaults - to "IfNotPresent". This can be used only with Kubernetes - version equal to 1.22 and later. - enum: - - Always - - IfNotPresent - - Never - type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here are - passed to the kubelet command line via the environment - file kubeadm writes at runtime for the kubelet to - source. 
This overrides the generic base-level configuration - in the kubelet-config-1.X ConfigMap Flags have higher - priority when parsing. These values are local and - specific to the node kubeadm is executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of - the Node API object that will be created in this - `kubeadm init` or `kubeadm join` operation. This - field is also used in the CommonName field of the - kubelet's client certificate to the API server. - Defaults to the hostname of the node if not provided. - type: string - taints: - description: 'Taints specifies the taints the Node - API object should be registered with. If this field - is unset, i.e. nil, in the `kubeadm init` process - it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: - []` in the YAML file. This field is solely used - for Node registration.' - items: - description: The node this Taint is attached to - has the "effect" on any pod that does not tolerate - the Taint. - properties: - effect: - description: Required. The effect of the taint - on pods that do not tolerate the taint. Valid - effects are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at - which the taint was added. It is only written - for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding to - the taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - join". 
The minimum kubernetes version needed to support - Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that - contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just - "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", "etcd". - "patchtype" can be one of "strategic" "merge" or - "json" and they match the patch formats supported - by kubectl. The default "patchtype" is "strategic". - "extension" must be either "json" or "yaml". "suffix" - is an optional string that can be used to determine - which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional - files to be created on the machine, either with - content inline or by referencing a secret. + sudo: + description: Sudo specifies a sudo role for the user type: string + required: + - name type: object - skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained - with the "kubeadm init --help" command. This option - takes effect only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - mounts: - description: Mounts specifies a list of mount points to be - setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. 
- items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands - to run after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to - run before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and - use that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed - and this field will be removed in a future release. When - removing also remove from staticcheck exclude-rules for - SA1019 in golangci.yml" - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user - in cloud-init. 
- properties: - gecos: - description: Gecos specifies the gecos to use for the - user - type: string - groups: - description: Groups specifies the additional groups - for the user - type: string - homeDir: - description: HomeDir specifies the home directory to - use for the user - type: string - inactive: - description: Inactive specifies whether to mark the - user as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login - should be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for - the user - type: string - passwdFrom: - description: PasswdFrom is a referenced source of passwd - to populate the passwd. - properties: - secret: - description: Secret represents a secret that should - populate this password. - properties: - key: - description: Key is the key in the secret's - data map for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. - type: string - required: - - key - - name - type: object - required: - - secret - type: object - primaryGroup: - description: PrimaryGroup specifies the primary group - for the user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh - authorized keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. 
- format: int32 - type: integer - type: object - type: object - required: - - template - type: object - type: object - served: true - storage: true - subresources: {} + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" @@ -6323,24 +4339,24 @@ metadata: name: capi-kubeadm-bootstrap-leader-election-role namespace: capi-kubeadm-bootstrap-system rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole 
@@ -6350,60 +4366,60 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-manager-role rules: -- apiGroups: - - "" - resources: - - configmaps - - events - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - bootstrap.cluster.x-k8s.io - resources: - - kubeadmconfigs - - kubeadmconfigs/finalizers - - kubeadmconfigs/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - clusters/status - - machinepools - - machinepools/status - - machines - - machines/status - - machinesets - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - configmaps + - events + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - bootstrap.cluster.x-k8s.io + resources: + - kubeadmconfigs + - kubeadmconfigs/finalizers + - kubeadmconfigs/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + - machinepools + - machinepools/status + - machines + - machines/status + - machinesets + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding 
@@ -6419,9 +4435,9 @@ roleRef: kind: Role name: capi-kubeadm-bootstrap-leader-election-role subjects: -- kind: ServiceAccount - name: capi-kubeadm-bootstrap-manager - namespace: capi-kubeadm-bootstrap-system + - kind: ServiceAccount + name: capi-kubeadm-bootstrap-manager + namespace: capi-kubeadm-bootstrap-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -6436,9 +4452,9 @@ roleRef: kind: ClusterRole name: capi-kubeadm-bootstrap-manager-role subjects: -- kind: ServiceAccount - name: capi-kubeadm-bootstrap-manager - namespace: capi-kubeadm-bootstrap-system + - kind: ServiceAccount + name: capi-kubeadm-bootstrap-manager + namespace: capi-kubeadm-bootstrap-system --- apiVersion: v1 kind: Service @@ -6450,8 +4466,8 @@ metadata: namespace: capi-kubeadm-bootstrap-system spec: ports: - - port: 443 - targetPort: webhook-server + - port: 443 + targetPort: webhook-server selector: cluster.x-k8s.io/provider: bootstrap-kubeadm --- 
@@ -6480,48 +4496,48 @@ spec: control-plane: controller-manager spec: containers: - - args: - - --leader-elect - - --diagnostics-address=:8443 - - --insecure-diagnostics=false - - --feature-gates=MachinePool=false,KubeadmBootstrapFormatIgnition=false - - --bootstrap-token-ttl=15m - command: - - /manager - image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - - containerPort: 8443 - name: metrics - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsGroup: 65532 - runAsUser: 65532 - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true + - args: + - --leader-elect + - --diagnostics-address=:8443 + - --insecure-diagnostics=false + - --feature-gates=MachinePool=false,KubeadmBootstrapFormatIgnition=false + - --bootstrap-token-ttl=15m + command: + - /manager + image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.2 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + - containerPort: 8443 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsUser: 65532 + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true securityContext: runAsNonRoot: true seccompProfile: 
@@ -6529,14 +4545,14 @@ spec: serviceAccountName: capi-kubeadm-bootstrap-manager terminationGracePeriodSeconds: 10 tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane volumes: - - name: cert - secret: - secretName: capi-kubeadm-bootstrap-webhook-service-cert + - name: cert + secret: + secretName: capi-kubeadm-bootstrap-webhook-service-cert status: {} --- apiVersion: cert-manager.io/v1 @@ -6549,15 +4565,15 @@ metadata: namespace: capi-kubeadm-bootstrap-system spec: dnsNames: - - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc - - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc.cluster.local + - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc + - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc.cluster.local issuerRef: kind: Issuer name: capi-kubeadm-bootstrap-selfsigned-issuer secretName: capi-kubeadm-bootstrap-webhook-service-cert subject: organizations: - - k8s-sig-cluster-lifecycle + - k8s-sig-cluster-lifecycle --- apiVersion: cert-manager.io/v1 kind: Issuer 
@@ -6581,48 +4597,48 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig - failurePolicy: Fail - name: default.kubeadmconfig.bootstrap.cluster.x-k8s.io - rules: - - apiGroups: - - bootstrap.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmconfigs - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate - failurePolicy: Fail - name: default.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io - rules: - - apiGroups: - - bootstrap.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmconfigtemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig + failurePolicy: Fail + name: default.kubeadmconfig.bootstrap.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmconfigs + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate + failurePolicy: Fail + name: default.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - 
v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmconfigtemplates + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration 
@@ -6635,47 +4651,47 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-bootstrap-validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.kubeadmconfig.bootstrap.cluster.x-k8s.io - rules: - - apiGroups: - - bootstrap.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmconfigs - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-bootstrap-webhook-service - namespace: capi-kubeadm-bootstrap-system - path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io - rules: - - apiGroups: - - bootstrap.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmconfigtemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.kubeadmconfig.bootstrap.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmconfigs + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-bootstrap-webhook-service + namespace: capi-kubeadm-bootstrap-system + path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate + failurePolicy: Fail + matchPolicy: Equivalent + name: 
validation.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmconfigtemplates + sideEffects: None diff --git a/infra/capi/cluster-capi/cluster-api-control-plane.yaml b/infra/capi/cluster-capi/cluster-api-control-plane.yaml index b7ea7a4..13dab99 100644 --- a/infra/capi/cluster-capi/cluster-api-control-plane.yaml +++ b/infra/capi/cluster-capi/cluster-api-control-plane.yaml 
@@ -31,3871 +31,2643 @@ spec: namespace: capi-kubeadm-control-plane-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: controlplane.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: KubeadmControlPlane listKind: KubeadmControlPlaneList plural: kubeadmcontrolplanes shortNames: - - kcp + - kcp singular: kubeadmcontrolplane scope: Namespaced versions: - - additionalPrinterColumns: - - description: This denotes whether or not the control plane has the uploaded - kubeadm-config configmap - jsonPath: .status.initialized - name: Initialized - type: boolean - - description: KubeadmControlPlane API Server is ready to receive requests - jsonPath: .status.ready - name: API Server Available - type: boolean - - description: Kubernetes version associated with this control plane - jsonPath: .spec.version - name: Version - type: string - - description: Total number of non-terminated machines targeted by this control - plane - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of fully running and ready control plane machines - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this control - plane that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this control plane - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. 
Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. - properties: - infrastructureTemplate: - description: InfrastructureTemplate is a required reference to a custom - resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing - and joining machines to the control plane. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API - server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. 
- items: + - additionalPrinterColumns: + - description: This denotes whether or not the control plane has the uploaded kubeadm-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: KubeadmControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: API Server Available + type: boolean + - description: Kubernetes version associated with this control plane + jsonPath: .spec.version + name: Version + type: string + - description: Total number of non-terminated machines targeted by this control plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this control plane that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + infrastructureTemplate: + description: InfrastructureTemplate is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing and joining machines to the control plane. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear type: string - type: array - extraArgs: - additionalProperties: + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' 
+ type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. 
+ imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: + description: Type defines the DNS add-on to be used + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. 
Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or - look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid IP - address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint - is specified but without a TCP port, the BindPort is used. - Possible usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned the - address of the external load balancer in front of the control - plane instances. e.g. in environments with enforced node - recycling, the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings for - the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. 
- items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. 
if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. - type: string - type: - description: Type defines the DNS add-on to be used - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. If empty, `k8s.gcr.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `k8s.gcr.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. 
NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file - used to secure etcd communication. Required if using - a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + useHyperKubeImage: + description: UseHyperKubeImage controls if hyperkube should be used for Kubernetes components instead of their respective separate images + type: boolean + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for - ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' 
type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. 
+ properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry to - pull images from. 
If empty, `k8s.gcr.io` will be used by - default; in case of kubernetes version is a CI build (kubernetes - version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and - for kube-proxy, while `k8s.gcr.io` will be used for all - the other images. - type: string - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the - control plane. NB: This value defaults to the Machine object - spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the - Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If - unset, the API server will not allocate CIDR ranges - for every node. Defaults to a comma-delimited string - of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster - object's spec.clusterNetwork.pods.cidrBlocks, or to - "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. 
TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - useHyperKubeImage: - description: UseHyperKubeImage controls if hyperkube should - be used for Kubernetes components instead of their respective - separate images - type: boolean - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to be created. + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. properties: - device: - description: Device specifies the device name - type: string - extraOpts: - description: ExtraOpts defined extra options to add - to the command for creating the file system. - items: - type: string - type: array - filesystem: - description: Filesystem specifies the file system type. - type: string - label: - description: Label specifies the file system label to - be used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing - file system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. - The valid options are: "auto|any", "auto", "any", - "none", and , where NUM is the actual partition - number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, used - for Microsoft Azure that instructs cloud-init to replace - a file system of . NOTE: unless you define - a label, this requires the use of the ''any'' partition - directive.' + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. 
type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer required: - - device - - filesystem - - label + - advertiseAddress + - bindPort type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device is the name of the device. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - layout: - description: Layout specifies the device layout. If - it is true, a single partition will be created for - the entire device. When layout is false, it means - don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default - is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. 
This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. 
+ type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. properties: - secret: - description: Secret represents a secret that should - populate this file. + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. properties: - key: - description: Key is the key in the secret's data - map for this value. + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. 
+ format: int32 + type: integer + required: + - advertiseAddress + - bindPort + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. + type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. 
+ type: boolean required: - - key - - name + - token + - unsafeSkipCAVerification type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: 'TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information TODO: revisit when there is defaulting from k/k' + type: string type: object - encoding: - description: Encoding specifies the encoding of the file - contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk where - to store the file. - type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. "0640". + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` - time and describes a set of Bootstrap Tokens to create. - This information IS NOT uploaded to the kubeadm cluster - configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, - stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, so other - administrators can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when this - token expires. Defaults to being set dynamically at - runtime based on the TTL. Expires and TTL are mutually - exclusive. 
- format: date-time + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for authentication + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: - type: string - type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. - type: string - usages: - description: Usages describes the ways in which this - token can be used. Can by default be used for establishing - bidirectional trust, but that can be changed here. 
- items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance that's deployed on this control plane - node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to - each individual API server. This configuration object lets - you customize what IP/DNS name and port the local API server - advertises it's accessible on. By default, kubeadm tries - to auto-detect the IP of the default interface and use that, - but in case that process fails you may set the desired value - here. 
- properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node - API object, for later re-use - type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. 
+ type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. This field is solely used for Node - registration.' - items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for - the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node and - control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no - additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - required: - - advertiseAddress - - bindPort - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when - there is defaulting from k/k' + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. 
\n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken and - File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of public - key pins to verify when token-based discovery is - used. The root CA found during discovery must match - one of these values. Specifying an empty set disables - root CA pinning, which can be unsafe. Each hash - is specified as ":", where the only - currently supported type is "sha256". This is a - hex-encoded SHA-256 hash of the Subject Public Key - Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. 
- type: boolean - required: - - token - - unsafeSkipCAVerification - type: object - file: - description: File is used to specify a file or URL to - a kubeconfig file from which to load cluster information - BootstrapToken and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the - actual file path or URL to the kubeconfig file from - which to load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + gecos: + description: Gecos specifies the gecos to use for the user type: string - tlsBootstrapToken: - description: 'TLSBootstrapToken is a token used for TLS - bootstrapping. If .BootstrapToken is set, this field - is defaulted to .BootstrapToken.Token, but can be overridden. - If .File is set, this field **must be set** in case - the KubeConfigFile does not contain any other authentication - information TODO: revisit when there is defaulting from - k/k' + groups: + description: Groups specifies the additional groups for the user type: string - type: object - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. 
This information will be annotated to the Node - API object, for later re-use + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: Name specifies the user name + type: string + passwd: + description: Passwd specifies a hashed password for the user type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. This field is solely used for Node - registration.' 
+ primaryGroup: + description: PrimaryGroup specifies the primary group for the user + type: string + shell: + description: Shell specifies the user's shell + type: string + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. - type: string - required: - - effect - - key - type: object + type: string type: array + sudo: + description: Sudo specifies a sudo role for the user + type: string + required: + - name type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. - items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + replicas: + description: Number of desired machines. Defaults to 1. 
When stacked etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutStrategy: + description: The RolloutStrategy to use to replace control plane machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can be scheduled above or under the desired number of control planes. Value can be an absolute number 1 or 0. Defaults to 1. Example: when this is set to 1, the control plane can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + upgradeAfter: + description: UpgradeAfter is a field to indicate an upgrade should be performed after the specified time even if no changes have been made to the KubeadmControlPlane + format: date-time + type: string + version: + description: Version defines the desired Kubernetes version. + type: string + required: + - infrastructureTemplate + - kubeadmConfigSpec + - version + type: object + status: + description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. + properties: + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run - after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run - before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. 
\n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and use - that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in - cloud-init. + type: array + failureMessage: + description: ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a terminal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + initialized: + description: Initialized denotes whether or not the control plane has the uploaded kubeadm-config configmap. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + ready: + description: Ready denotes that the KubeadmControlPlane API Server is ready to receive requests. + type: boolean + readyReplicas: + description: Total number of fully running and ready control plane machines. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this control plane (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the label selector in string format to avoid introspection by clients, and is used to provide the CRD-based integration for the scale subresource and additional integrations for things like kubectl describe.. The string will be in the same format as the query-param syntax. 
More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this control plane. This is the total number of machines that are still required for the deployment to have 100% available capacity. They may either be machines that are running but not yet ready or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this control plane that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmControlPlane + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: This denotes whether or not the control plane has the uploaded kubeadm-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: KubeadmControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: API Server Available + type: boolean + - description: Kubernetes version associated with this control plane + jsonPath: .spec.version + name: Version + type: string + - description: Total number of non-terminated machines targeted by this control plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this control plane that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of 
unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "KubeadmControlPlane is the Schema for the KubeadmControlPlane API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing and joining machines to the control plane. 
+ properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command properties: - gecos: - description: Gecos specifies the gecos to use for the user - type: string - groups: - description: Groups specifies the additional groups for - the user - type: string - homeDir: - description: HomeDir specifies the home directory to use - for the user - type: string - inactive: - description: Inactive specifies whether to mark the user - as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password for the - user + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - primaryGroup: - description: PrimaryGroup specifies the primary group for - the user + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - shell: - description: Shell specifies the user's shell + clusterName: + description: The cluster name type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: - type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. 
in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' type: string - required: - - name - type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a controlplane node The default - value is 0, meaning that the node can be drained without any time - limitations. NOTE: NodeDrainTimeout is different from `kubectl drain - --timeout`' - type: string - replicas: - description: Number of desired machines. Defaults to 1. When stacked - etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). - This is a pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - rolloutStrategy: - description: The RolloutStrategy to use to replace control plane machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if RolloutStrategyType - = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of control planes that can - be scheduled above or under the desired number of control - planes. Value can be an absolute number 1 or 0. Defaults - to 1. Example: when this is set to 1, the control plane - can be scaled up immediately when the rolling update starts.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of rollout. Currently the only supported strategy - is "RollingUpdate". Default is RollingUpdate. 
- type: string - type: object - upgradeAfter: - description: UpgradeAfter is a field to indicate an upgrade should - be performed after the specified time even if no changes have been - made to the KubeadmControlPlane - format: date-time - type: string - version: - description: Version defines the desired Kubernetes version. - type: string - required: - - infrastructureTemplate - - kubeadmConfigSpec - - version - type: object - status: - description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. - properties: - conditions: - description: Conditions defines current service state of the KubeadmControlPlane. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a terminal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. - type: string - initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubeadm-config configmap. - type: boolean - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready denotes that the KubeadmControlPlane API Server - is ready to receive requests. - type: boolean - readyReplicas: - description: Total number of fully running and ready control plane - machines. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - control plane (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the label selector in string format to avoid - introspection by clients, and is used to provide the CRD-based integration - for the scale subresource and additional integrations for things - like kubectl describe.. The string will be in the same format as - the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - control plane. 
This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet ready or machines - that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - control plane that have the desired template spec. - format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmControlPlane - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: This denotes whether or not the control plane has the uploaded - kubeadm-config configmap - jsonPath: .status.initialized - name: Initialized - type: boolean - - description: KubeadmControlPlane API Server is ready to receive requests - jsonPath: .status.ready - name: API Server Available - type: boolean - - description: Kubernetes version associated with this control plane - jsonPath: .spec.version - name: Version - type: string - - description: Total number of non-terminated machines targeted by this control - plane - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of fully running and ready control plane machines - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this control - plane that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this control plane - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: 
"KubeadmControlPlane is the Schema for the KubeadmControlPlane - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. - properties: - kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing - and joining machines to the control plane. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API - server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. - items: + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' 
+ type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. 
NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or - look for all required certificates. 
NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid IP - address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint - is specified but without a TCP port, the BindPort is used. - Possible usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned the - address of the external load balancer in front of the control - plane instances. e.g. in environments with enforced node - recycling, the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings for - the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. 
- type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. 
- type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. 
Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file - used to secure etcd communication. Required if using - a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. 
+ items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for - ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. 
type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. 
+ enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. 
+ format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry to - pull images from. If empty, `registry.k8s.io` will be used - by default; in case of kubernetes version is a CI build - (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used for - all the other images. - type: string - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the - control plane. 
NB: This value defaults to the Machine object - spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the - Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If - unset, the API server will not allocate CIDR ranges - for every node. Defaults to a comma-delimited string - of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. - Defaults to a comma-delimited string of the Cluster - object's spec.clusterNetwork.pods.cidrBlocks, or to - "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. 
By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. - properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. 
When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options to add - to the command for creating the file system. + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system type. - type: string - label: - description: Label specifies the file system label to - be used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing - file system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. - The valid options are: "auto|any", "auto", "any", - "none", and , where NUM is the actual partition - number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, used - for Microsoft Azure that instructs cloud-init to replace - a file system of . NOTE: unless you define - a label, this requires the use of the ''any'' partition - directive.' - type: string - required: - - device - - filesystem - - label - type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. - properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. 
If - it is true, a single partition will be created for - the entire device. When layout is false, it means - don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default - is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. 
+ properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. properties: - secret: - description: Secret represents a secret that should - populate this file. 
+ localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. properties: - key: - description: Key is the key in the secret's data - map for this value. + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' + properties: + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. 
+ type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean required: - - key - - name + - token type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the file - contents. - enum: - - base64 - - gzip - - gzip+base64 + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk where - to store the file. - type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. "0640". 
- type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` - time and describes a set of Bootstrap Tokens to create. - This information IS NOT uploaded to the kubeadm cluster - configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, - stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, so other - administrators can know its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp when this - token expires. Defaults to being set dynamically at - runtime based on the TTL. Expires and TTL are mutually - exclusive. 
- format: date-time - type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which this - token can be used. Can by default be used for establishing - bidirectional trust, but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. 
This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance that's deployed on this control plane - node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to - each individual API server. This configuration object lets - you customize what IP/DNS name and port the local API server - advertises it's accessible on. By default, kubeadm tries - to auto-detect the IP of the default interface and use that, - but in case that process fails you may set the desired value - here. + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." 
+ type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node - API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of - pre-flight errors to be ignored when the current node - is registered. - items: - type: string - type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. 
- type: object + homeDir: + description: HomeDir specifies the home directory to use for the user + type: string + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. This field is solely used for Node - registration.' - items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. 
- type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for - the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node and - control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no - additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when - there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken and - File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will be fetched. 
- type: string - caCertHashes: - description: 'CACertHashes specifies a set of public - key pins to verify when token-based discovery is - used. The root CA found during discovery must match - one of these values. Specifying an empty set disables - root CA pinning, which can be unsafe. Each hash - is specified as ":", where the only - currently supported type is "sha256". This is a - hex-encoded SHA-256 hash of the Subject Public Key - Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL to - a kubeconfig file from which to load cluster information - BootstrapToken and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the - actual file path or URL to the kubeconfig file from - which to load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + passwd: + description: Passwd specifies a hashed password for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS - bootstrapping. If .BootstrapToken is set, this field - is defaulted to .BootstrapToken.Token, but can be overridden. 
- If .File is set, this field **must be set** in case - the KubeConfigFile does not contain any other authentication - information + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - type: object - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node - API object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of - pre-flight errors to be ignored when the current node - is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. 
- type: object - name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + sudo: + description: Sudo specifies a sudo role for the user type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: {}` - in the YAML file. This field is solely used for Node - registration.' - items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. - type: string - required: - - effect - - key - type: object - type: array + required: + - name type: object - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. 
- items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run - after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run - before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and use - that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in - cloud-init. + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + machineTemplate: + description: MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. + properties: + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: - gecos: - description: Gecos specifies the gecos to use for the user + apiVersion: + description: API version of the referent. 
type: string - groups: - description: Groups specifies the additional groups for - the user + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - homeDir: - description: HomeDir specifies the home directory to use - for the user + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - inactive: - description: Inactive specifies whether to mark the user - as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean name: - description: Name specifies the user name + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - passwd: - description: Passwd specifies a hashed password for the - user + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - primaryGroup: - description: PrimaryGroup specifies the primary group for - the user + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - shell: - description: Shell specifies the user's shell + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: + type: object + x-kubernetes-map-type: atomic + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + required: + - infrastructureRef + type: object + replicas: + description: Number of desired machines. Defaults to 1. 
When stacked etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutAfter: + description: RolloutAfter is a field to indicate a rollout should be performed after the specified time even if no changes have been made to the KubeadmControlPlane. + format: date-time + type: string + rolloutStrategy: + default: + rollingUpdate: + maxSurge: 1 + type: RollingUpdate + description: The RolloutStrategy to use to replace control plane machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can be scheduled above or under the desired number of control planes. Value can be an absolute number 1 or 0. Defaults to 1. Example: when this is set to 1, the control plane can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - machineTemplate: - description: MachineTemplate contains information about how machines - should be shaped when creating or updating a control plane. - properties: - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + type: + description: Type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + version: + description: Version defines the desired Kubernetes version. 
+ type: string + required: + - kubeadmConfigSpec + - machineTemplate + - version + type: object + status: + description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. + properties: + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + reason: + description: The reason for the condition's last transition in CamelCase. 
The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + status: + description: Status of the condition, one of True, False, Unknown. type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string + required: + - status + - type type: object - x-kubernetes-map-type: atomic - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + type: array + failureMessage: + description: ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a terminal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. 
+ type: string + initialized: + description: Initialized denotes whether or not the control plane has the uploaded kubeadm-config configmap. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + ready: + description: Ready denotes that the KubeadmControlPlane API Server is ready to receive requests. + type: boolean + readyReplicas: + description: Total number of fully running and ready control plane machines. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this control plane (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the label selector in string format to avoid introspection by clients, and is used to provide the CRD-based integration for the scale subresource and additional integrations for things like kubectl describe.. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this control plane. This is the total number of machines that are still required for the deployment to have 100% available capacity. They may either be machines that are running but not yet ready or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this control plane that have the desired template spec. + format: int32 + type: integer + version: + description: Version represents the minimum Kubernetes version for the control plane machines in the cluster. 
+ type: string + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] + name: Cluster + type: string + - description: This denotes whether or not the control plane has the uploaded kubeadm-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: KubeadmControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: API Server Available + type: boolean + - description: Total number of machines desired by this control plane + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this control plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this control plane that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + - description: Time duration since creation of KubeadmControlPlane + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this control plane + jsonPath: .spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmControlPlane is the Schema for the KubeadmControlPlane API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing and joining machines to the control plane. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. 
+ properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear + type: string + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. 
- More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a controlplane node The - default value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different from - `kubectl drain --timeout`' - type: string - required: - - infrastructureRef - type: object - replicas: - description: Number of desired machines. Defaults to 1. When stacked - etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). - This is a pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - rolloutAfter: - description: RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the KubeadmControlPlane. - format: date-time - type: string - rolloutStrategy: - default: - rollingUpdate: - maxSurge: 1 - type: RollingUpdate - description: The RolloutStrategy to use to replace control plane machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if RolloutStrategyType - = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of control planes that can - be scheduled above or under the desired number of control - planes. Value can be an absolute number 1 or 0. Defaults - to 1. Example: when this is set to 1, the control plane - can be scaled up immediately when the rolling update starts.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of rollout. Currently the only supported strategy - is "RollingUpdate". Default is RollingUpdate. - type: string - type: object - version: - description: Version defines the desired Kubernetes version. 
- type: string - required: - - kubeadmConfigSpec - - machineTemplate - - version - type: object - status: - description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. - properties: - conditions: - description: Conditions defines current service state of the KubeadmControlPlane. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. 
- type: string - failureReason: - description: FailureReason indicates that there is a terminal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. - type: string - initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubeadm-config configmap. - type: boolean - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready denotes that the KubeadmControlPlane API Server - is ready to receive requests. - type: boolean - readyReplicas: - description: Total number of fully running and ready control plane - machines. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - control plane (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the label selector in string format to avoid - introspection by clients, and is used to provide the CRD-based integration - for the scale subresource and additional integrations for things - like kubectl describe.. The string will be in the same format as - the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - control plane. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet ready or machines - that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - control plane that have the desired template spec. 
- format: int32 - type: integer - version: - description: Version represents the minimum Kubernetes version for - the control plane machines in the cluster. - type: string - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name'] - name: Cluster - type: string - - description: This denotes whether or not the control plane has the uploaded - kubeadm-config configmap - jsonPath: .status.initialized - name: Initialized - type: boolean - - description: KubeadmControlPlane API Server is ready to receive requests - jsonPath: .status.ready - name: API Server Available - type: boolean - - description: Total number of machines desired by this control plane - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: Total number of non-terminated machines targeted by this control - plane - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of fully running and ready control plane machines - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this control - plane that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this control plane - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - - description: Time duration since creation of KubeadmControlPlane - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this control plane - jsonPath: .spec.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: KubeadmControlPlane is 
the Schema for the KubeadmControlPlane - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. - properties: - kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing - and joining machines to the control plane. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for the API - server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative Names - for the API Server signing cert. - items: + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. 
In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' + type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. 
type: string - type: array - extraArgs: - additionalProperties: + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the pod template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. 
type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the timeout - that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store or - look for all required certificates. NB: if not provided, - this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP address - or DNS name for the control plane; it can be a valid IP - address or a RFC-1123 DNS subdomain, both with optional - TCP port. In case the ControlPlaneEndpoint is not specified, - the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint - is specified but without a TCP port, the BindPort is used. - Possible usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned the - address of the external load balancer in front of the control - plane instances. e.g. in environments with enforced node - recycling, the ControlPlaneEndpoint could be used for assigning - a stable DNS to the control plane. NB: This value defaults - to the first value in the Cluster object status.apiEndpoints - array.' 
- type: string - controllerManager: - description: ControllerManager contains extra settings for - the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - pathType: - description: PathType is the type of the HostPath. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. 
type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on installed - in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag for the - image. In case this value is set, kubeadm does not change - automatically the version of the above components during - upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: This - value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect to an external - etcd cluster Local and External are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate Authority - file used to secure etcd communication. Required - if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: 'ImageRepository sets the container registry to pull images from. * If not set, the default registry of kubeadm will be used, i.e. 
* registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions Please note that when imageRepository is not set we don''t allow upgrades to versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use a newer patch version with the new registry instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images.' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. 
+ type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification file - used to secure etcd communication. Required if using - a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required for - ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. 
items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used to secure - etcd communication. Required if using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs for configuring - the local etcd instance Local and External are mutually - exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd will place - its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments provided - to the etcd binary when run inside a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. 
+ type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + append: + description: Append specifies whether to append Content to existing file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. if not set, the ImageRepository - defined in ClusterConfiguration will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. 
+ type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. + properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. + properties: + additionalConfig: + description: "AdditionalConfig contains additional configuration to be merged with the Ignition configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + type: string + strict: + description: Strict controls if AdditionalConfig should be strictly parsed. If so, warnings are treated as errors. + type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a tag for - the image. In case this value is set, kubeadm does - not change automatically the version of the above - components during upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject Alternative - Names for the etcd peer signing cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject Alternative - Names for the etcd server signing cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. 
* registry.k8s.io (new registry): - >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io - (old registry): all older versions Please note that when - imageRepository is not set we don''t allow upgrades to versions - >= v1.22.0 which use the old registry (k8s.gcr.io). Please - use a newer patch version with the new registry instead - (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). - * If the version is a CI build (kubernetes version starts - with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components and - for kube-proxy, while `registry.k8s.io` will be used for - all the other images.' - type: string - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version of the - control plane. NB: This value defaults to the Machine object - spec.version' - type: string - networking: - description: 'Networking holds configuration for the networking - topology of the cluster. NB: This value defaults to the - Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used by k8s services. - Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. If - unset, the API server will not allocate CIDR ranges - for every node. Defaults to a comma-delimited string - of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used by k8s services. 
- Defaults to a comma-delimited string of the Cluster - object's spec.clusterNetwork.pods.cidrBlocks, or to - "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for the scheduler - control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags to pass - to the control plane component. TODO: This is temporary - and ideally we would like to switch all components to - use ComponentConfig + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host volumes, - mounted to the control plane component. - items: - description: HostPathMount contains elements describing - volumes that are mounted from the host. 
- properties: - hostPath: - description: HostPath is the path in the host that - will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside the pod - where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the pod template. - type: string - pathType: - description: PathType is the type of the HostPath. - type: string - readOnly: - description: ReadOnly controls write access to the - volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation of partition - tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file systems - to setup. - items: - description: Filesystem defines the file systems to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options to add - to the command for creating the file system. + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system type. 
+ imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - label: - description: Label specifies the file system label to - be used. If set to None, no label is used. - type: string - overwrite: - description: Overwrite defines whether or not to overwrite - any existing filesystem. If true, any pre-existing - file system will be destroyed. Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition to use. - The valid options are: "auto|any", "auto", "any", - "none", and , where NUM is the actual partition - number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, used - for Microsoft Azure that instructs cloud-init to replace - a file system of . NOTE: unless you define - a label, this requires the use of the ''any'' partition - directive.' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. 
type: string - required: - - device - - filesystem - - label + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - partitions: - description: Partitions specifies the list of the partitions - to setup. - items: - description: Partition defines how to create and layout - a partition. + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: - device: - description: Device is the name of the device. + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". 
"patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string - layout: - description: Layout specifies the device layout. If - it is true, a single partition will be created for - the entire device. When layout is false, it means - don't partition or ignore existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to skip checks - and create the partition if a partition or filesystem - is found on the device. Use with caution. Default - is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of partition - table. The following are supported: ''mbr'': default - and setups a MS-DOS partition table ''gpt'': setups - a GPT partition table' - type: string - required: - - device - - layout type: object - type: array - type: object - files: - description: Files specifies extra files to be passed to user_data - upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - append: - description: Append specifies whether to append Content - to existing file if Path exists. 
- type: boolean - content: - description: Content is the actual content of the file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source of content - to populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that should - populate this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's data - map for this value. 
+ apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean required: - - key - - name + - token type: object - required: - - secret + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information + type: string + required: + - kubeConfigPath + type: object + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. 
If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of the file - contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the file, - e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk where - to store the file. - type: string - permissions: - description: Permissions specifies the permissions to assign - to the file, e.g. "0640". + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the bootstrap - data - enum: - - cloud-config - - ignition - type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific configuration. - properties: - additionalConfig: - description: "AdditionalConfig contains additional configuration - to be merged with the Ignition configuration generated - by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig should - be strictly parsed. If so, warnings are treated as errors. 
- type: boolean - type: object - type: object - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm init` - time and describes a set of Bootstrap Tokens to create. - This information IS NOT uploaded to the kubeadm cluster - configmap, partly because of its sensitive nature - items: - description: BootstrapToken describes one bootstrap token, - stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly message - why this token exists and what it's used for, so other - administrators can know its purpose. - type: string - expires: - description: Expires specifies the timestamp when this - token expires. Defaults to being set dynamically at - runtime based on the TTL. Expires and TTL are mutually - exclusive. - format: date-time + criSocket: + description: CRISocket is used to retrieve container runtime info. 
This information will be annotated to the Node API object, for later re-use type: string - groups: - description: Groups specifies the extra groups that - this token will authenticate as when/if used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing bidirectional - trust between nodes and control-planes. Used for joining - nodes in the cluster. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - ttl: - description: TTL defines the time to live for this token. - Defaults to 24h. Expires and TTL are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. + type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which this - token can be used. 
Can by default be used for establishing - bidirectional trust, but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm join". The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". 
"suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint of the - API server instance that's deployed on this control plane - node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint - in the sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests to - each individual API server. 
This configuration object lets - you customize what IP/DNS name and port the local API server - advertises it's accessible on. By default, kubeadm tries - to auto-detect the IP of the default interface and use that, - but in case that process fails you may set the desired value - here. + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. \n Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address for - the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for the API - Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. 
When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node - API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of - pre-flight errors to be ignored when the current node - is registered. - items: - type: string - type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for - image pulling during kubeadm "init" and "join" operations. - The value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be - used only with Kubernetes version equal to 1.22 and - later. - enum: - - Always - - IfNotPresent - - Never + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. 
This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: []` - in the YAML file. This field is solely used for Node - registration.' - items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - init". The minimum kubernetes version needed to support - Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". 
"patchtype" can be one of - "strategic" "merge" or "json" and they match the patch - formats supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" or - "yaml". "suffix" is an optional string that can be used - to determine which patches are applied first alpha-numerically. - These files can be written into the target directory - via KubeadmConfig.Files which specifies additional files - to be created on the machine, either with content inline - or by referencing a secret. + passwd: + description: Passwd specifies a hashed password for the user type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained with - the "kubeadm init --help" command. This option takes effect - only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration for - the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node and - control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control plane - instance to be deployed on the joining node. If nil, no - additional control plane instance will be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on this node. 
- properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port for the - API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for the kubelet - to use during the TLS Bootstrap process TODO: revisit when - there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the options - for bootstrap token based discovery BootstrapToken and - File are mutually exclusive + passwdFrom: + description: PasswdFrom is a referenced source of passwd to populate the passwd. properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or domain - name to the API server from which info will be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set of public - key pins to verify when token-based discovery is - used. The root CA found during discovery must match - one of these values. Specifying an empty set disables - root CA pinning, which can be unsafe. Each hash - is specified as ":", where the only - currently supported type is "sha256". This is a - hex-encoded SHA-256 hash of the Subject Public Key - Info (SPKI) object in DER-encoded ASN.1. These hashes - can be calculated using, for example, OpenSSL: openssl - x509 -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate cluster - information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows token-based - discovery without CA verification via CACertHashes. - This can weaken the security of kubeadm since other - nodes can impersonate the control-plane. 
- type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or URL to - a kubeconfig file from which to load cluster information - BootstrapToken and File are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify the - actual file path or URL to the kubeconfig file from - which to load cluster information - type: string + secret: + description: Secret represents a secret that should populate this password. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object required: - - kubeConfigPath + - secret type: object - timeout: - description: Timeout modifies the discovery timeout + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used for TLS - bootstrapping. If .BootstrapToken is set, this field - is defaulted to .BootstrapToken.Token, but can be overridden. - If .File is set, this field **must be set** in case - the KubeConfigFile does not contain any other authentication - information + shell: + description: Shell specifies the user's shell type: string - type: object - kind: - description: 'Kind is a string value representing the REST - resource this object represents. Servers may infer this - from the endpoint the client submits requests to. Cannot - be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate to - registering the new control-plane node to the cluster. 
When - used in the context of control plane nodes, NodeRegistration - should remain consistent across both InitConfiguration and - JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container runtime - info. This information will be annotated to the Node - API object, for later re-use - type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a slice of - pre-flight errors to be ignored when the current node - is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy for - image pulling during kubeadm "init" and "join" operations. - The value of this field must be one of "Always", "IfNotPresent" - or "Never". Defaults to "IfNotPresent". This can be - used only with Kubernetes version equal to 1.22 and - later. - enum: - - Always - - IfNotPresent - - Never - type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra arguments - to the kubelet. The arguments here are passed to the - kubelet command line via the environment file kubeadm - writes at runtime for the kubelet to source. This overrides - the generic base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. These - values are local and specific to the node kubeadm is - executing on. - type: object - name: - description: Name is the `.Metadata.Name` field of the - Node API object that will be created in this `kubeadm - init` or `kubeadm join` operation. This field is also - used in the CommonName field of the kubelet's client - certificate to the API server. Defaults to the hostname - of the node if not provided. - type: string - taints: - description: 'Taints specifies the taints the Node API - object should be registered with. If this field is unset, - i.e. 
nil, in the `kubeadm init` process it will be defaulted - to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane node, - set this field to an empty slice, i.e. `taints: []` - in the YAML file. This field is solely used for Node - registration.' - items: - description: The node this Taint is attached to has - the "effect" on any pod that does not tolerate the - Taint. - properties: - effect: - description: Required. The effect of the taint on - pods that do not tolerate the taint. Valid effects - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Required. The taint key to be applied - to a node. - type: string - timeAdded: - description: TimeAdded represents the time at which - the taint was added. It is only written for NoExecute - taints. - format: date-time - type: string - value: - description: The taint value corresponding to the - taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during "kubeadm - join". The minimum kubernetes version needed to support - Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory that contains - files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or just "etcd.json". - "target" can be one of "kube-apiserver", "kube-controller-manager", - "kube-scheduler", "etcd". "patchtype" can be one of - "strategic" "merge" or "json" and they match the patch - formats supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" or - "yaml". "suffix" is an optional string that can be used - to determine which patches are applied first alpha-numerically. 
- These files can be written into the target directory - via KubeadmConfig.Files which specifies additional files - to be created on the machine, either with content inline - or by referencing a secret. + sudo: + description: Sudo specifies a sudo role for the user type: string + required: + - name type: object - skipPhases: - description: SkipPhases is a list of phases to skip during - command execution. The list of phases can be obtained with - the "kubeadm init --help" command. This option takes effect - only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - mounts: - description: Mounts specifies a list of mount points to be setup. - items: - description: MountPoints defines input for generated mounts - in cloud-init. - items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands to run - after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands to run - before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic kubeadm - command with a shell script with retries for joins. \n This - is meant to be an experimental temporary workaround on some - environments where joins fail due to timing (and other issues). - The long term goal is to add retries to kubeadm proper and use - that functionality. \n This will add about 40KB to userdata - \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. 
- \n Deprecated: This experimental fix is no longer needed and - this field will be removed in a future release. When removing - also remove from staticcheck exclude-rules for SA1019 in golangci.yml" - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated user in - cloud-init. + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + machineTemplate: + description: MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. + properties: + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: - gecos: - description: Gecos specifies the gecos to use for the user + apiVersion: + description: API version of the referent. type: string - groups: - description: Groups specifies the additional groups for - the user + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - homeDir: - description: HomeDir specifies the home directory to use - for the user + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - inactive: - description: Inactive specifies whether to mark the user - as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password login should - be disabled - type: boolean name: - description: Name specifies the user name + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - passwd: - description: Passwd specifies a hashed password for the - user + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - passwdFrom: - description: PasswdFrom is a referenced source of passwd - to populate the passwd. - properties: - secret: - description: Secret represents a secret that should - populate this password. - properties: - key: - description: Key is the key in the secret's data - map for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. - type: string - required: - - key - - name - type: object - required: - - secret - type: object - primaryGroup: - description: PrimaryGroup specifies the primary group for - the user + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - shell: - description: Shell specifies the user's shell + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list of ssh authorized - keys for the user - items: + type: object + x-kubernetes-map-type: atomic + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - type: array - sudo: - description: Sudo specifies a sudo role for the user - type: string - required: - - name + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. If no value is provided, the default value for this property of the Machine resource will be used. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node The default value is 0, meaning that the node can be drained without any time limitations. 
NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + required: + - infrastructureRef + type: object + remediationStrategy: + description: The RemediationStrategy that controls how control plane machine remediation happens. + properties: + maxRetry: + description: "MaxRetry is the Max number of retries while attempting to remediate an unhealthy machine. A retry happens when a machine that was created as a replacement for an unhealthy machine also fails. For example, given a control plane with three machines M1, M2, M3: \n M1 become unhealthy; remediation happens, and M1-1 is created as a replacement. If M1-1 (replacement of M1) has problems while bootstrapping it will become unhealthy, and then be remediated; such operation is considered a retry, remediation-retry #1. If M1-2 (replacement of M1-1) becomes unhealthy, remediation-retry #2 will happen, etc. \n A retry could happen only after RetryPeriod from the previous retry. If a machine is marked as unhealthy after MinHealthyPeriod from the previous remediation expired, this is not considered a retry anymore because the new issue is assumed unrelated from the previous one. \n If not set, the remedation will be retried infinitely." + format: int32 + type: integer + minHealthyPeriod: + description: "MinHealthyPeriod defines the duration after which KCP will consider any failure to a machine unrelated from the previous one. In this case the remediation is not considered a retry anymore, and thus the retry counter restarts from 0. For example, assuming MinHealthyPeriod is set to 1h (default) \n M1 become unhealthy; remediation happens, and M1-1 is created as a replacement. 
If M1-1 (replacement of M1) has problems within the 1hr after the creation, also this machine will be remediated and this operation is considered a retry - a problem related to the original issue happened to M1 -. \n If instead the problem on M1-1 is happening after MinHealthyPeriod expired, e.g. four days after m1-1 has been created as a remediation of M1, the problem on M1-1 is considered unrelated to the original issue happened to M1. \n If not set, this value is defaulted to 1h." + type: string + retryPeriod: + description: "RetryPeriod is the duration that KCP should wait before remediating a machine being created as a replacement for an unhealthy machine (a retry). \n If not set, a retry will happen immediately." + type: string + type: object + replicas: + description: Number of desired machines. Defaults to 1. When stacked etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutAfter: + description: 'RolloutAfter is a field to indicate a rollout should be performed after the specified time even if no changes have been made to the KubeadmControlPlane. Example: In the YAML the time can be specified in the RFC3339 format. To specify the rolloutAfter target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + format: date-time + type: string + rolloutBefore: + description: RolloutBefore is a field to indicate a rollout should be performed if the specified criteria is met. + properties: + certificatesExpiryDays: + description: CertificatesExpiryDays indicates a rollout needs to be performed if the certificates of the machine will expire within the specified days. 
+ format: int32 + type: integer + type: object + rolloutStrategy: + default: + rollingUpdate: + maxSurge: 1 + type: RollingUpdate + description: The RolloutStrategy to use to replace control plane machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can be scheduled above or under the desired number of control planes. Value can be an absolute number 1 or 0. Defaults to 1. Example: when this is set to 1, the control plane can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log level - verbosity. It overrides the `--v` flag in kubeadm commands. - format: int32 - type: integer - type: object - machineTemplate: - description: MachineTemplate contains information about how machines - should be shaped when creating or updating a control plane. - properties: - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. + type: + description: Type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + version: + description: 'Version defines the desired Kubernetes version. Please note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository is not set we don''t allow upgrades to versions >= v1.22.0 for which kubeadm uses the old registry (k8s.gcr.io). Please use a newer patch version with the new registry instead. 
The default registries of kubeadm are: * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions' + type: string + required: + - kubeadmConfigSpec + - machineTemplate + - version + type: object + status: + description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. + properties: + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + status: + description: Status of the condition, one of True, False, Unknown. type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string + required: + - lastTransitionTime + - status + - type type: object - x-kubernetes-map-type: atomic - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. 
They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the machine - controller will attempt to delete the Node that the Machine - hosts after the Machine is marked for deletion. A duration of - 0 will retry deletion indefinitely. If no value is provided, - the default value for this property of the Machine resource - will be used. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a controlplane node The - default value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different from - `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of time - that the controller will spend on waiting for all volumes to - be detached. The default value is 0, meaning that the volumes - can be detached without any time limitations. - type: string - required: - - infrastructureRef - type: object - remediationStrategy: - description: The RemediationStrategy that controls how control plane - machine remediation happens. - properties: - maxRetry: - description: "MaxRetry is the Max number of retries while attempting - to remediate an unhealthy machine. A retry happens when a machine - that was created as a replacement for an unhealthy machine also - fails. 
For example, given a control plane with three machines - M1, M2, M3: \n M1 become unhealthy; remediation happens, and - M1-1 is created as a replacement. If M1-1 (replacement of M1) - has problems while bootstrapping it will become unhealthy, and - then be remediated; such operation is considered a retry, remediation-retry - #1. If M1-2 (replacement of M1-1) becomes unhealthy, remediation-retry - #2 will happen, etc. \n A retry could happen only after RetryPeriod - from the previous retry. If a machine is marked as unhealthy - after MinHealthyPeriod from the previous remediation expired, - this is not considered a retry anymore because the new issue - is assumed unrelated from the previous one. \n If not set, the - remedation will be retried infinitely." - format: int32 - type: integer - minHealthyPeriod: - description: "MinHealthyPeriod defines the duration after which - KCP will consider any failure to a machine unrelated from the - previous one. In this case the remediation is not considered - a retry anymore, and thus the retry counter restarts from 0. - For example, assuming MinHealthyPeriod is set to 1h (default) - \n M1 become unhealthy; remediation happens, and M1-1 is created - as a replacement. If M1-1 (replacement of M1) has problems within - the 1hr after the creation, also this machine will be remediated - and this operation is considered a retry - a problem related - to the original issue happened to M1 -. \n If instead the problem - on M1-1 is happening after MinHealthyPeriod expired, e.g. four - days after m1-1 has been created as a remediation of M1, the - problem on M1-1 is considered unrelated to the original issue - happened to M1. \n If not set, this value is defaulted to 1h." - type: string - retryPeriod: - description: "RetryPeriod is the duration that KCP should wait - before remediating a machine being created as a replacement - for an unhealthy machine (a retry). \n If not set, a retry will - happen immediately." 
- type: string - type: object - replicas: - description: Number of desired machines. Defaults to 1. When stacked - etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). - This is a pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - rolloutAfter: - description: 'RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the KubeadmControlPlane. Example: In the YAML the time can - be specified in the RFC3339 format. To specify the rolloutAfter - target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' - format: date-time - type: string - rolloutBefore: - description: RolloutBefore is a field to indicate a rollout should - be performed if the specified criteria is met. - properties: - certificatesExpiryDays: - description: CertificatesExpiryDays indicates a rollout needs - to be performed if the certificates of the machine will expire - within the specified days. - format: int32 - type: integer - type: object - rolloutStrategy: - default: - rollingUpdate: - maxSurge: 1 - type: RollingUpdate - description: The RolloutStrategy to use to replace control plane machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if RolloutStrategyType - = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of control planes that can - be scheduled above or under the desired number of control - planes. Value can be an absolute number 1 or 0. Defaults - to 1. Example: when this is set to 1, the control plane - can be scaled up immediately when the rolling update starts.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of rollout. Currently the only supported strategy - is "RollingUpdate". Default is RollingUpdate. 
- type: string - type: object - version: - description: 'Version defines the desired Kubernetes version. Please - note that if kubeadmConfigSpec.ClusterConfiguration.imageRepository - is not set we don''t allow upgrades to versions >= v1.22.0 for which - kubeadm uses the old registry (k8s.gcr.io). Please use a newer patch - version with the new registry instead. The default registries of - kubeadm are: * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, - >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions' - type: string - required: - - kubeadmConfigSpec - - machineTemplate - - version - type: object - status: - description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane. - properties: - conditions: - description: Conditions defines current service state of the KubeadmControlPlane. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + failureMessage: + description: ErrorMessage indicates that there is a terminal problem reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a terminal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + initialized: + description: Initialized denotes whether or not the control plane has the uploaded kubeadm-config configmap. + type: boolean + lastRemediation: + description: LastRemediation stores info about last remediation performed. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. 
- type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + machine: + description: Machine is the machine name of the latest machine being remediated. type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + retryCount: + description: RetryCount used to keep track of remediation retry for the last remediated machine. A retry happens when a machine that was created as a replacement for an unhealthy machine also fails. + format: int32 + type: integer + timestamp: + description: Timestamp is when last remediation happened. It is represented in RFC3339 form and is in UTC. + format: date-time type: string required: - - lastTransitionTime - - status - - type + - machine + - retryCount + - timestamp type: object - type: array - failureMessage: - description: ErrorMessage indicates that there is a terminal problem - reconciling the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a terminal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. 
- type: string - initialized: - description: Initialized denotes whether or not the control plane - has the uploaded kubeadm-config configmap. - type: boolean - lastRemediation: - description: LastRemediation stores info about last remediation performed. - properties: - machine: - description: Machine is the machine name of the latest machine - being remediated. - type: string - retryCount: - description: RetryCount used to keep track of remediation retry - for the last remediated machine. A retry happens when a machine - that was created as a replacement for an unhealthy machine also - fails. - format: int32 - type: integer - timestamp: - description: Timestamp is when last remediation happened. It is - represented in RFC3339 form and is in UTC. - format: date-time - type: string - required: - - machine - - retryCount - - timestamp - type: object - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - ready: - description: Ready denotes that the KubeadmControlPlane API Server - is ready to receive requests. - type: boolean - readyReplicas: - description: Total number of fully running and ready control plane - machines. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - control plane (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the label selector in string format to avoid - introspection by clients, and is used to provide the CRD-based integration - for the scale subresource and additional integrations for things - like kubectl describe.. The string will be in the same format as - the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - control plane. 
This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet ready or machines - that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - control plane that have the desired template spec. - format: int32 - type: integer - version: - description: Version represents the minimum Kubernetes version for - the control plane machines in the cluster. - type: string - type: object - type: object - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + ready: + description: Ready denotes that the KubeadmControlPlane API Server is ready to receive requests. + type: boolean + readyReplicas: + description: Total number of fully running and ready control plane machines. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this control plane (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the label selector in string format to avoid introspection by clients, and is used to provide the CRD-based integration for the scale subresource and additional integrations for things like kubectl describe.. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this control plane. This is the total number of machines that are still required for the deployment to have 100% available capacity. 
They may either be machines that are running but not yet ready or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this control plane that have the desired template spec. + format: int32 + type: integer + version: + description: Version represents the minimum Kubernetes version for the control plane machines in the cluster. + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} status: acceptedNames: kind: "" 
@@ -3927,2533 +2699,1593 @@ spec: namespace: capi-kubeadm-control-plane-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: controlplane.cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: KubeadmControlPlaneTemplate listKind: KubeadmControlPlaneTemplateList plural: kubeadmcontrolplanetemplates singular: kubeadmcontrolplanetemplate scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmControlPlaneTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmControlPlaneTemplateSpec defines the desired state - of KubeadmControlPlaneTemplate. - properties: - template: - description: KubeadmControlPlaneTemplateResource describes the data - needed to create a KubeadmControlPlane from a template. - properties: - spec: - description: KubeadmControlPlaneSpec defines the desired state - of KubeadmControlPlane. 
- properties: - kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use - for initializing and joining machines to the control plane. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for - the API server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative - Names for the API Server signing cert. - items: - type: string - type: array - extraArgs: - additionalProperties: + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmControlPlaneTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneTemplateSpec defines the desired state of KubeadmControlPlaneTemplate. 
+ properties: + template: + description: KubeadmControlPlaneTemplateResource describes the data needed to create a KubeadmControlPlane from a template. + properties: + spec: + description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane. + properties: + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing and joining machines to the control plane. + properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. 
+ type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. - properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the - pod template. - type: string - pathType: - description: PathType is the type of the - HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. 
NB: if not provided, this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' + type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the - timeout that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. 
More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not - provided, this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP - address or DNS name for the control plane; it can - be a valid IP address or a RFC-1123 DNS subdomain, - both with optional TCP port. In case the ControlPlaneEndpoint - is not specified, the AdvertiseAddress + BindPort - are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible - usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned - the address of the external load balancer in front - of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint - could be used for assigning a stable DNS to the - control plane. NB: This value defaults to the first - value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings - for the controller manager control plane component - properties: - extraArgs: - additionalProperties: + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. + caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. 
Required if using a TLS connection. type: string - name: - description: Name of the volume inside the - pod template. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the - HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on - installed in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: - This value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect - to an external etcd cluster Local and External - are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate - Authority file used to secure etcd communication. - Required if using a TLS connection. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive + properties: + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". 
+ type: string + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. + type: string + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array + type: object + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. If empty, `registry.k8s.io` will be used by default; in case of kubernetes version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images. + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. 
NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. - Required if using a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. 
+ type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. + items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required - for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used - to secure etcd communication. Required if - using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' 
type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs - for configuring the local etcd instance Local - and External are mutually exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd - will place its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments - provided to the etcd binary when run inside - a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. 
+ properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, - the ImageRepository defined in ClusterConfiguration - will be used instead. + required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + type: string + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. 
+ properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a - tag for the image. In case this value is - set, kubeadm does not change automatically - the version of the above components during - upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject - Alternative Names for the etcd peer signing - cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject - Alternative Names for the etcd server signing - cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: ImageRepository sets the container registry - to pull images from. 
If empty, `registry.k8s.io` - will be used by default; in case of kubernetes version - is a CI build (kubernetes version starts with `ci/` - or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will - be used as a default for control plane components - and for kube-proxy, while `registry.k8s.io` will - be used for all the other images. - type: string - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to - the Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the - networking topology of the cluster. NB: This value - defaults to the Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used - by k8s services. Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. - If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used - by k8s services. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for - the scheduler control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. - properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the - pod template. - type: string - pathType: - description: PathType is the type of the - HostPath. 
- type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation - of partition tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file - systems to setup. - items: - description: Filesystem defines the file systems - to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options - to add to the command for creating the file - system. + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system - type. - type: string - label: - description: Label specifies the file system - label to be used. If set to None, no label - is used. - type: string - overwrite: - description: Overwrite defines whether or not - to overwrite any existing filesystem. If true, - any pre-existing file system will be destroyed. - Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition - to use. 
The valid options are: "auto|any", - "auto", "any", "none", and , where NUM - is the actual partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: - unless you define a label, this requires the - use of the ''any'' partition directive.' - type: string - required: - - device - - filesystem - - label - type: object - type: array - partitions: - description: Partitions specifies the list of the - partitions to setup. - items: - description: Partition defines how to create and - layout a partition. - properties: - device: - description: Device is the name of the device. - type: string - layout: - description: Layout specifies the device layout. - If it is true, a single partition will be - created for the entire device. When layout - is false, it means don't partition or ignore - existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to - skip checks and create the partition if a - partition or filesystem is found on the device. - Use with caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of - partition table. The following are supported: - ''mbr'': default and setups a MS-DOS partition - table ''gpt'': setups a GPT partition table' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - layout + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - type: object - files: - description: Files specifies extra files to be passed - to user_data upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - content: - description: Content is the actual content of the - file. 
+ apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - contentFrom: - description: ContentFrom is a referenced source - of content to populate the file. + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' + type: string + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that - should populate this file. + bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's - data map for this value. + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. 
type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean + required: + - token + type: object + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive + properties: + kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information type: string required: - - key - - name + - kubeConfigPath type: object - required: - - secret + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. 
If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of - the file contents. - enum: - - base64 - - gzip - - gzip+base64 - type: string - owner: - description: Owner specifies the ownership of the - file, e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk - where to store the file. - type: string - permissions: - description: Permissions specifies the permissions - to assign to the file, e.g. "0640". + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the - bootstrap data - enum: - - cloud-config - type: string - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens - to create. This information IS NOT uploaded to the - kubeadm cluster configmap, partly because of its - sensitive nature - items: - description: BootstrapToken describes one bootstrap - token, stored as a Secret in the cluster. 
+ nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly - message why this token exists and what it's - used for, so other administrators can know - its purpose. + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - expires: - description: Expires specifies the timestamp - when this token expires. Defaults to being - set dynamically at runtime based on the TTL. - Expires and TTL are mutually exclusive. - format: date-time - type: string - groups: - description: Groups specifies the extra groups - that this token will authenticate as when/if - used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing - bidirectional trust between nodes and control-planes. - Used for joining nodes in the cluster. - type: string - ttl: - description: TTL defines the time to live for - this token. Defaults to 24h. Expires and TTL - are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which - this token can be used. Can by default be - used for establishing bidirectional trust, - but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: {}` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. 
+ items: + type: string type: array - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: + type: string + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this - control plane node In HA setups, this differs from - ClusterConfiguration.ControlPlaneEndpoint in the - sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests - to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible - on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in - case that process fails you may set the desired - value here. + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. 
\n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent - across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a - slice of pre-flight errors to be ignored when - the current node is registered. - items: - type: string - type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. 
- type: object + homeDir: + description: HomeDir specifies the home directory to use for the user + type: string + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: {}` in the YAML file. This field is - solely used for Node registration.' - items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. - properties: - effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Required. The taint key to - be applied to a node. - type: string - timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding - to the taint key. 
- type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration - for the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. - If nil, no additional control plane instance will - be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on - this node. - properties: - advertiseAddress: - description: AdvertiseAddress sets the IP - address for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port - for the API Server to bind to. Defaults - to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for - the kubelet to use during the TLS Bootstrap process - TODO: revisit when there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the - options for bootstrap token based discovery - BootstrapToken and File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or - domain name to the API server from which - info will be fetched. 
- type: string - caCertHashes: - description: 'CACertHashes specifies a set - of public key pins to verify when token-based - discovery is used. The root CA found during - discovery must match one of these values. - Specifying an empty set disables root CA - pinning, which can be unsafe. Each hash - is specified as ":", where - the only currently supported type is "sha256". - This is a hex-encoded SHA-256 hash of the - Subject Public Key Info (SPKI) object in - DER-encoded ASN.1. These hashes can be calculated - using, for example, OpenSSL: openssl x509 - -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 - -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate - cluster information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows - token-based discovery without CA verification - via CACertHashes. This can weaken the security - of kubeadm since other nodes can impersonate - the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or - URL to a kubeconfig file from which to load - cluster information BootstrapToken and File - are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify - the actual file path or URL to the kubeconfig - file from which to load cluster information - type: string - required: - - kubeConfigPath - type: object - timeout: - description: Timeout modifies the discovery timeout + passwd: + description: Passwd specifies a hashed password for the user type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used - for TLS bootstrapping. If .BootstrapToken is - set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. 
If .File is set, this - field **must be set** in case the KubeConfigFile - does not contain any other authentication information + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - type: object - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent - across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a - slice of pre-flight errors to be ignored when - the current node is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. 
- type: object - name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + sudo: + description: Sudo specifies a sudo role for the user type: string - taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: {}` in the YAML file. This field is - solely used for Node registration.' - items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. - properties: - effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Required. The taint key to - be applied to a node. - type: string - timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding - to the taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - type: object - mounts: - description: Mounts specifies a list of mount points to - be setup. - items: - description: MountPoints defines input for generated - mounts in cloud-init. 
- items: - type: string - type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should - be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to - use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands - to run after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands - to run before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic - kubeadm command with a shell script with retries for - joins. \n This is meant to be an experimental temporary - workaround on some environments where joins fail due - to timing (and other issues). The long term goal is - to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more - information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055." - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated - user in cloud-init. + required: + - name + type: object + type: array + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + machineTemplate: + description: MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. + properties: + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. 
properties: - gecos: - description: Gecos specifies the gecos to use for - the user + apiVersion: + description: API version of the referent. type: string - groups: - description: Groups specifies the additional groups - for the user + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - homeDir: - description: HomeDir specifies the home directory - to use for the user + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - inactive: - description: Inactive specifies whether to mark - the user as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password - login should be disabled - type: boolean name: - description: Name specifies the user name + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - passwd: - description: Passwd specifies a hashed password - for the user + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - primaryGroup: - description: PrimaryGroup specifies the primary - group for the user + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - shell: - description: Shell specifies the user's shell + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list - of ssh authorized keys for the user - items: + type: object + x-kubernetes-map-type: atomic + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - type: array - sudo: - description: Sudo specifies a sudo role for the - user - type: string - required: - - name + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log - level verbosity. It overrides the `--v` flag in kubeadm - commands. 
- format: int32 - type: integer - type: object - machineTemplate: - description: MachineTemplate contains information about how - machines should be shaped when creating or updating a control - plane. - properties: - infrastructureRef: - description: InfrastructureRef is a required reference - to a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when - modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a controlplane - node The default value is 0, meaning that the node can - be drained without any time limitations. NOTE: NodeDrainTimeout - is different from `kubectl drain --timeout`' - type: string - required: - - infrastructureRef - type: object - replicas: - description: Number of desired machines. Defaults to 1. When - stacked etcd is used only odd numbers are permitted, as - per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). - This is a pointer to distinguish between explicit zero and - not specified. - format: int32 - type: integer - rolloutAfter: - description: RolloutAfter is a field to indicate a rollout - should be performed after the specified time even if no - changes have been made to the KubeadmControlPlane. 
- format: date-time - type: string - rolloutStrategy: - default: - rollingUpdate: - maxSurge: 1 - type: RollingUpdate - description: The RolloutStrategy to use to replace control - plane machines with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only - if RolloutStrategyType = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of control planes - that can be scheduled above or under the desired - number of control planes. Value can be an absolute - number 1 or 0. Defaults to 1. Example: when this - is set to 1, the control plane can be scaled up - immediately when the rolling update starts.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of rollout. Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. - type: string - type: object - version: - description: Version defines the desired Kubernetes version. - type: string - required: - - kubeadmConfigSpec - - machineTemplate - - version - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: false - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Time duration since creation of KubeadmControlPlaneTemplate - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: KubeadmControlPlaneTemplateSpec defines the desired state - of KubeadmControlPlaneTemplate. - properties: - template: - description: KubeadmControlPlaneTemplateResource describes the data - needed to create a KubeadmControlPlane from a template. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + required: + - infrastructureRef + type: object + replicas: + description: Number of desired machines. Defaults to 1. When stacked etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutAfter: + description: RolloutAfter is a field to indicate a rollout should be performed after the specified time even if no changes have been made to the KubeadmControlPlane. 
+ format: date-time type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + rolloutStrategy: + default: + rollingUpdate: + maxSurge: 1 + type: RollingUpdate + description: The RolloutStrategy to use to replace control plane machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can be scheduled above or under the desired number of control planes. Value can be an absolute number 1 or 0. Defaults to 1. Example: when this is set to 1, the control plane can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + version: + description: Version defines the desired Kubernetes version. type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'KubeadmControlPlaneTemplateResourceSpec defines - the desired state of KubeadmControlPlane. NOTE: KubeadmControlPlaneTemplateResourceSpec - is similar to KubeadmControlPlaneSpec but omits Replicas and - Version fields. 
These fields do not make sense on the KubeadmControlPlaneTemplate, - because they are calculated by the Cluster topology reconciler - during reconciliation and thus cannot be configured on the KubeadmControlPlaneTemplate.' - properties: - kubeadmConfigSpec: - description: KubeadmConfigSpec is a KubeadmConfigSpec to use - for initializing and joining machines to the control plane. - properties: - clusterConfiguration: - description: ClusterConfiguration along with InitConfiguration - are the configurations necessary for the init command - properties: - apiServer: - description: APIServer contains extra settings for - the API server control plane component - properties: - certSANs: - description: CertSANs sets extra Subject Alternative - Names for the API Server signing cert. - items: + required: + - kubeadmConfigSpec + - machineTemplate + - version + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of KubeadmControlPlaneTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: KubeadmControlPlaneTemplateSpec defines the desired state of KubeadmControlPlaneTemplate. + properties: + template: + description: KubeadmControlPlaneTemplateResource describes the data needed to create a KubeadmControlPlane from a template. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'KubeadmControlPlaneTemplateResourceSpec defines the desired state of KubeadmControlPlane. NOTE: KubeadmControlPlaneTemplateResourceSpec is similar to KubeadmControlPlaneSpec but omits Replicas and Version fields. These fields do not make sense on the KubeadmControlPlaneTemplate, because they are calculated by the Cluster topology reconciler during reconciliation and thus cannot be configured on the KubeadmControlPlaneTemplate.' + properties: + kubeadmConfigSpec: + description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing and joining machines to the control plane. 
+ properties: + clusterConfiguration: + description: ClusterConfiguration along with InitConfiguration are the configurations necessary for the init command + properties: + apiServer: + description: APIServer contains extra settings for the API server control plane component + properties: + certSANs: + description: CertSANs sets extra Subject Alternative Names for the API Server signing cert. + items: + type: string + type: array + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + timeoutForControlPlane: + description: TimeoutForControlPlane controls the timeout that we use for API server to appear type: string - type: array - extraArgs: - additionalProperties: + type: object + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + certificatesDir: + description: 'CertificatesDir specifies where to store or look for all required certificates. NB: if not provided, this will default to `/etc/kubernetes/pki`' + type: string + clusterName: + description: The cluster name + type: string + controlPlaneEndpoint: + description: 'ControlPlaneEndpoint sets a stable IP address or DNS name for the control plane; it can be a valid IP address or a RFC-1123 DNS subdomain, both with optional TCP port. In case the ControlPlaneEndpoint is not specified, the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint is specified but without a TCP port, the BindPort is used. Possible usages are: e.g. In a cluster with more than one control plane instances, this field should be assigned the address of the external load balancer in front of the control plane instances. e.g. in environments with enforced node recycling, the ControlPlaneEndpoint could be used for assigning a stable DNS to the control plane. NB: This value defaults to the first value in the Cluster object status.apiEndpoints array.' + type: string + controllerManager: + description: ControllerManager contains extra settings for the controller manager control plane component + properties: + extraArgs: + additionalProperties: + type: string + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. 
+ type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + dns: + description: DNS defines the options for the DNS add-on installed in the cluster. + properties: + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. + type: string + type: object + etcd: + description: 'Etcd holds configuration for etcd. NB: This value defaults to a Local (stacked) etcd' + properties: + external: + description: External describes how to connect to an external etcd cluster Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. 
+ caFile: + description: CAFile is an SSL Certificate Authority file used to secure etcd communication. Required if using a TLS connection. type: string - name: - description: Name of the volume inside the - pod template. + certFile: + description: CertFile is an SSL certification file used to secure etcd communication. Required if using a TLS connection. type: string - pathType: - description: PathType is the type of the - HostPath. + endpoints: + description: Endpoints of etcd members. Required for ExternalEtcd. + items: + type: string + type: array + keyFile: + description: KeyFile is an SSL key file used to secure etcd communication. Required if using a TLS connection. type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean required: - - hostPath - - mountPath - - name + - caFile + - certFile + - endpoints + - keyFile type: object - type: array - timeoutForControlPlane: - description: TimeoutForControlPlane controls the - timeout that we use for API server to appear - type: string - type: object - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - certificatesDir: - description: 'CertificatesDir specifies where to store - or look for all required certificates. NB: if not - provided, this will default to `/etc/kubernetes/pki`' - type: string - clusterName: - description: The cluster name - type: string - controlPlaneEndpoint: - description: 'ControlPlaneEndpoint sets a stable IP - address or DNS name for the control plane; it can - be a valid IP address or a RFC-1123 DNS subdomain, - both with optional TCP port. 
In case the ControlPlaneEndpoint - is not specified, the AdvertiseAddress + BindPort - are used; in case the ControlPlaneEndpoint is specified - but without a TCP port, the BindPort is used. Possible - usages are: e.g. In a cluster with more than one - control plane instances, this field should be assigned - the address of the external load balancer in front - of the control plane instances. e.g. in environments - with enforced node recycling, the ControlPlaneEndpoint - could be used for assigning a stable DNS to the - control plane. NB: This value defaults to the first - value in the Cluster object status.apiEndpoints - array.' - type: string - controllerManager: - description: ControllerManager contains extra settings - for the controller manager control plane component - properties: - extraArgs: - additionalProperties: - type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' - type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. + local: + description: Local provides configuration knobs for configuring the local etcd instance Local and External are mutually exclusive properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. + dataDir: + description: DataDir is the directory etcd will place its data. Defaults to "/var/lib/etcd". type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. + extraArgs: + additionalProperties: + type: string + description: ExtraArgs are extra arguments provided to the etcd binary when run inside a static pod. 
+ type: object + imageRepository: + description: ImageRepository sets the container registry to pull images from. if not set, the ImageRepository defined in ClusterConfiguration will be used instead. type: string - name: - description: Name of the volume inside the - pod template. + imageTag: + description: ImageTag allows to specify a tag for the image. In case this value is set, kubeadm does not change automatically the version of the above components during upgrades. type: string - pathType: - description: PathType is the type of the - HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name + peerCertSANs: + description: PeerCertSANs sets extra Subject Alternative Names for the etcd peer signing cert. + items: + type: string + type: array + serverCertSANs: + description: ServerCertSANs sets extra Subject Alternative Names for the etcd server signing cert. + items: + type: string + type: array type: object - type: array - type: object - dns: - description: DNS defines the options for the DNS add-on - installed in the cluster. - properties: - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, the - ImageRepository defined in ClusterConfiguration - will be used instead. - type: string - imageTag: - description: ImageTag allows to specify a tag - for the image. In case this value is set, kubeadm - does not change automatically the version of - the above components during upgrades. - type: string - type: object - etcd: - description: 'Etcd holds configuration for etcd. NB: - This value defaults to a Local (stacked) etcd' - properties: - external: - description: External describes how to connect - to an external etcd cluster Local and External - are mutually exclusive - properties: - caFile: - description: CAFile is an SSL Certificate - Authority file used to secure etcd communication. 
- Required if using a TLS connection. + type: object + featureGates: + additionalProperties: + type: boolean + description: FeatureGates enabled by the user. + type: object + imageRepository: + description: 'ImageRepository sets the container registry to pull images from. * If not set, the default registry of kubeadm will be used, i.e. * registry.k8s.io (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0 * k8s.gcr.io (old registry): all older versions Please note that when imageRepository is not set we don''t allow upgrades to versions >= v1.22.0 which use the old registry (k8s.gcr.io). Please use a newer patch version with the new registry instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, >= v1.25.0). * If the version is a CI build (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be used as a default for control plane components and for kube-proxy, while `registry.k8s.io` will be used for all the other images.' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + kubernetesVersion: + description: 'KubernetesVersion is the target version of the control plane. NB: This value defaults to the Machine object spec.version' + type: string + networking: + description: 'Networking holds configuration for the networking topology of the cluster. NB: This value defaults to the Cluster object spec.clusterNetwork.' + properties: + dnsDomain: + description: DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local". + type: string + podSubnet: + description: PodSubnet is the subnet used by pods. If unset, the API server will not allocate CIDR ranges for every node. 
Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.services.cidrBlocks if that is set + type: string + serviceSubnet: + description: ServiceSubnet is the subnet used by k8s services. Defaults to a comma-delimited string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12" if that's unset. + type: string + type: object + scheduler: + description: Scheduler contains extra settings for the scheduler control plane component + properties: + extraArgs: + additionalProperties: type: string - certFile: - description: CertFile is an SSL certification - file used to secure etcd communication. - Required if using a TLS connection. + description: 'ExtraArgs is an extra set of flags to pass to the control plane component. TODO: This is temporary and ideally we would like to switch all components to use ComponentConfig + ConfigMaps.' + type: object + extraVolumes: + description: ExtraVolumes is an extra set of host volumes, mounted to the control plane component. + items: + description: HostPathMount contains elements describing volumes that are mounted from the host. + properties: + hostPath: + description: HostPath is the path in the host that will be mounted inside the pod. + type: string + mountPath: + description: MountPath is the path inside the pod where hostPath will be mounted. + type: string + name: + description: Name of the volume inside the pod template. + type: string + pathType: + description: PathType is the type of the HostPath. + type: string + readOnly: + description: ReadOnly controls write access to the volume + type: boolean + required: + - hostPath + - mountPath + - name + type: object + type: array + type: object + type: object + diskSetup: + description: DiskSetup specifies options for the creation of partition tables and file systems on devices. + properties: + filesystems: + description: Filesystems specifies the list of file systems to setup. 
+ items: + description: Filesystem defines the file systems to be created. + properties: + device: + description: Device specifies the device name type: string - endpoints: - description: Endpoints of etcd members. Required - for ExternalEtcd. + extraOpts: + description: ExtraOpts defined extra options to add to the command for creating the file system. items: type: string type: array - keyFile: - description: KeyFile is an SSL key file used - to secure etcd communication. Required if - using a TLS connection. + filesystem: + description: Filesystem specifies the file system type. + type: string + label: + description: Label specifies the file system label to be used. If set to None, no label is used. + type: string + overwrite: + description: Overwrite defines whether or not to overwrite any existing filesystem. If true, any pre-existing file system will be destroyed. Use with Caution. + type: boolean + partition: + description: 'Partition specifies the partition to use. The valid options are: "auto|any", "auto", "any", "none", and , where NUM is the actual partition number.' + type: string + replaceFS: + description: 'ReplaceFS is a special directive, used for Microsoft Azure that instructs cloud-init to replace a file system of . NOTE: unless you define a label, this requires the use of the ''any'' partition directive.' type: string required: - - caFile - - certFile - - endpoints - - keyFile + - device + - filesystem + - label type: object - local: - description: Local provides configuration knobs - for configuring the local etcd instance Local - and External are mutually exclusive + type: array + partitions: + description: Partitions specifies the list of the partitions to setup. + items: + description: Partition defines how to create and layout a partition. properties: - dataDir: - description: DataDir is the directory etcd - will place its data. Defaults to "/var/lib/etcd". + device: + description: Device is the name of the device. 
type: string - extraArgs: - additionalProperties: - type: string - description: ExtraArgs are extra arguments - provided to the etcd binary when run inside - a static pod. + layout: + description: Layout specifies the device layout. If it is true, a single partition will be created for the entire device. When layout is false, it means don't partition or ignore existing partitioning. + type: boolean + overwrite: + description: Overwrite describes whether to skip checks and create the partition if a partition or filesystem is found on the device. Use with caution. Default is 'false'. + type: boolean + tableType: + description: 'TableType specifies the tupe of partition table. The following are supported: ''mbr'': default and setups a MS-DOS partition table ''gpt'': setups a GPT partition table' + type: string + required: + - device + - layout + type: object + type: array + type: object + files: + description: Files specifies extra files to be passed to user_data upon creation. + items: + description: File defines the input for generating write_files in cloud-init. + properties: + append: + description: Append specifies whether to append Content to existing file if Path exists. + type: boolean + content: + description: Content is the actual content of the file. + type: string + contentFrom: + description: ContentFrom is a referenced source of content to populate the file. + properties: + secret: + description: Secret represents a secret that should populate this file. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name type: object - imageRepository: - description: ImageRepository sets the container - registry to pull images from. if not set, - the ImageRepository defined in ClusterConfiguration - will be used instead. 
+ required: + - secret + type: object + encoding: + description: Encoding specifies the encoding of the file contents. + enum: + - base64 + - gzip + - gzip+base64 + type: string + owner: + description: Owner specifies the ownership of the file, e.g. "root:root". + type: string + path: + description: Path specifies the full path on disk where to store the file. + type: string + permissions: + description: Permissions specifies the permissions to assign to the file, e.g. "0640". + type: string + required: + - path + type: object + type: array + format: + description: Format specifies the output format of the bootstrap data + enum: + - cloud-config + - ignition + type: string + ignition: + description: Ignition contains Ignition specific configuration. + properties: + containerLinuxConfig: + description: ContainerLinuxConfig contains CLC specific configuration. + properties: + additionalConfig: + description: "AdditionalConfig contains additional configuration to be merged with the Ignition configuration generated by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" + type: string + strict: + description: Strict controls if AdditionalConfig should be strictly parsed. If so, warnings are treated as errors. + type: boolean + type: object + type: object + initConfiguration: + description: InitConfiguration along with ClusterConfiguration are the configurations necessary for the init command + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + bootstrapTokens: + description: BootstrapTokens is respected at `kubeadm init` time and describes a set of Bootstrap Tokens to create. This information IS NOT uploaded to the kubeadm cluster configmap, partly because of its sensitive nature + items: + description: BootstrapToken describes one bootstrap token, stored as a Secret in the cluster. + properties: + description: + description: Description sets a human-friendly message why this token exists and what it's used for, so other administrators can know its purpose. type: string - imageTag: - description: ImageTag allows to specify a - tag for the image. In case this value is - set, kubeadm does not change automatically - the version of the above components during - upgrades. + expires: + description: Expires specifies the timestamp when this token expires. Defaults to being set dynamically at runtime based on the TTL. Expires and TTL are mutually exclusive. + format: date-time type: string - peerCertSANs: - description: PeerCertSANs sets extra Subject - Alternative Names for the etcd peer signing - cert. + groups: + description: Groups specifies the extra groups that this token will authenticate as when/if used for authentication items: type: string type: array - serverCertSANs: - description: ServerCertSANs sets extra Subject - Alternative Names for the etcd server signing - cert. + token: + description: Token is used for establishing bidirectional trust between nodes and control-planes. Used for joining nodes in the cluster. + type: string + ttl: + description: TTL defines the time to live for this token. Defaults to 24h. Expires and TTL are mutually exclusive. + type: string + usages: + description: Usages describes the ways in which this token can be used. Can by default be used for establishing bidirectional trust, but that can be changed here. 
items: type: string type: array + required: + - token type: object - type: object - featureGates: - additionalProperties: - type: boolean - description: FeatureGates enabled by the user. - type: object - imageRepository: - description: 'ImageRepository sets the container registry - to pull images from. * If not set, the default registry - of kubeadm will be used, i.e. * registry.k8s.io - (new registry): >= v1.22.17, >= v1.23.15, >= v1.24.9, - >= v1.25.0 * k8s.gcr.io (old registry): all older - versions Please note that when imageRepository is - not set we don''t allow upgrades to versions >= - v1.22.0 which use the old registry (k8s.gcr.io). - Please use a newer patch version with the new registry - instead (i.e. >= v1.22.17, >= v1.23.15, >= v1.24.9, - >= v1.25.0). * If the version is a CI build (kubernetes - version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images` - will be used as a default for control plane components - and for kube-proxy, while `registry.k8s.io` will - be used for all the other images.' - type: string - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - kubernetesVersion: - description: 'KubernetesVersion is the target version - of the control plane. NB: This value defaults to - the Machine object spec.version' - type: string - networking: - description: 'Networking holds configuration for the - networking topology of the cluster. NB: This value - defaults to the Cluster object spec.clusterNetwork.' - properties: - dnsDomain: - description: DNSDomain is the dns domain used - by k8s services. Defaults to "cluster.local". - type: string - podSubnet: - description: PodSubnet is the subnet used by pods. 
- If unset, the API server will not allocate CIDR - ranges for every node. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.services.cidrBlocks - if that is set - type: string - serviceSubnet: - description: ServiceSubnet is the subnet used - by k8s services. Defaults to a comma-delimited - string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks, - or to "10.96.0.0/12" if that's unset. - type: string - type: object - scheduler: - description: Scheduler contains extra settings for - the scheduler control plane component - properties: - extraArgs: - additionalProperties: + type: array + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance that's deployed on this control plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint in the sense that ControlPlaneEndpoint is the global endpoint for the cluster, which then loadbalances the requests to each individual API server. This configuration object lets you customize what IP/DNS name and port the local API server advertises it's accessible on. By default, kubeadm tries to auto-detect the IP of the default interface and use that, but in case that process fails you may set the desired value here. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. type: string - description: 'ExtraArgs is an extra set of flags - to pass to the control plane component. TODO: - This is temporary and ideally we would like - to switch all components to use ComponentConfig - + ConfigMaps.' 
- type: object - extraVolumes: - description: ExtraVolumes is an extra set of host - volumes, mounted to the control plane component. - items: - description: HostPathMount contains elements - describing volumes that are mounted from the - host. - properties: - hostPath: - description: HostPath is the path in the - host that will be mounted inside the pod. - type: string - mountPath: - description: MountPath is the path inside - the pod where hostPath will be mounted. - type: string - name: - description: Name of the volume inside the - pod template. - type: string - pathType: - description: PathType is the type of the - HostPath. - type: string - readOnly: - description: ReadOnly controls write access - to the volume - type: boolean - required: - - hostPath - - mountPath - - name - type: object - type: array - type: object - type: object - diskSetup: - description: DiskSetup specifies options for the creation - of partition tables and file systems on devices. - properties: - filesystems: - description: Filesystems specifies the list of file - systems to setup. - items: - description: Filesystem defines the file systems - to be created. + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - device: - description: Device specifies the device name + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - extraOpts: - description: ExtraOpts defined extra options - to add to the command for creating the file - system. 
+ ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - filesystem: - description: Filesystem specifies the file system - type. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - label: - description: Label specifies the file system - label to be used. If set to None, no label - is used. - type: string - overwrite: - description: Overwrite defines whether or not - to overwrite any existing filesystem. If true, - any pre-existing file system will be destroyed. - Use with Caution. - type: boolean - partition: - description: 'Partition specifies the partition - to use. The valid options are: "auto|any", - "auto", "any", "none", and , where NUM - is the actual partition number.' - type: string - replaceFS: - description: 'ReplaceFS is a special directive, - used for Microsoft Azure that instructs cloud-init - to replace a file system of . NOTE: - unless you define a label, this requires the - use of the ''any'' partition directive.' + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - required: - - device - - filesystem - - label + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' + items: + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object + type: array type: object - type: array - partitions: - description: Partitions specifies the list of the - partitions to setup. - items: - description: Partition defines how to create and - layout a partition. + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm init". The minimum kubernetes version needed to support Patches is v1.22 properties: - device: - description: Device is the name of the device. 
- type: string - layout: - description: Layout specifies the device layout. - If it is true, a single partition will be - created for the entire device. When layout - is false, it means don't partition or ignore - existing partitioning. - type: boolean - overwrite: - description: Overwrite describes whether to - skip checks and create the partition if a - partition or filesystem is found on the device. - Use with caution. Default is 'false'. - type: boolean - tableType: - description: 'TableType specifies the tupe of - partition table. The following are supported: - ''mbr'': default and setups a MS-DOS partition - table ''gpt'': setups a GPT partition table' + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. type: string - required: - - device - - layout type: object - type: array - type: object - files: - description: Files specifies extra files to be passed - to user_data upon creation. - items: - description: File defines the input for generating write_files - in cloud-init. + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. 
+ items: + type: string + type: array + type: object + joinConfiguration: + description: JoinConfiguration is the kubeadm configuration for the join command properties: - append: - description: Append specifies whether to append - Content to existing file if Path exists. - type: boolean - content: - description: Content is the actual content of the - file. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + caCertPath: + description: 'CACertPath is the path to the SSL certificate authority used to secure comunications between node and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when there is defaulting from k/k' type: string - contentFrom: - description: ContentFrom is a referenced source - of content to populate the file. + controlPlane: + description: ControlPlane defines the additional control plane instance to be deployed on the joining node. If nil, no additional control plane instance will be deployed. + properties: + localAPIEndpoint: + description: LocalAPIEndpoint represents the endpoint of the API server instance to be deployed on this node. + properties: + advertiseAddress: + description: AdvertiseAddress sets the IP address for the API server to advertise. + type: string + bindPort: + description: BindPort sets the secure port for the API Server to bind to. Defaults to 6443. + format: int32 + type: integer + type: object + type: object + discovery: + description: 'Discovery specifies the options for the kubelet to use during the TLS Bootstrap process TODO: revisit when there is defaulting from k/k' properties: - secret: - description: Secret represents a secret that - should populate this file. 
+ bootstrapToken: + description: BootstrapToken is used to set the options for bootstrap token based discovery BootstrapToken and File are mutually exclusive + properties: + apiServerEndpoint: + description: APIServerEndpoint is an IP or domain name to the API server from which info will be fetched. + type: string + caCertHashes: + description: 'CACertHashes specifies a set of public key pins to verify when token-based discovery is used. The root CA found during discovery must match one of these values. Specifying an empty set disables root CA pinning, which can be unsafe. Each hash is specified as ":", where the only currently supported type is "sha256". This is a hex-encoded SHA-256 hash of the Subject Public Key Info (SPKI) object in DER-encoded ASN.1. These hashes can be calculated using, for example, OpenSSL: openssl x509 -pubkey -in ca.crt openssl rsa -pubin -outform der 2>&/dev/null | openssl dgst -sha256 -hex' + items: + type: string + type: array + token: + description: Token is a token used to validate cluster information fetched from the control-plane. + type: string + unsafeSkipCAVerification: + description: UnsafeSkipCAVerification allows token-based discovery without CA verification via CACertHashes. This can weaken the security of kubeadm since other nodes can impersonate the control-plane. + type: boolean + required: + - token + type: object + file: + description: File is used to specify a file or URL to a kubeconfig file from which to load cluster information BootstrapToken and File are mutually exclusive properties: - key: - description: Key is the key in the secret's - data map for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. 
+ kubeConfigPath: + description: KubeConfigPath is used to specify the actual file path or URL to the kubeconfig file from which to load cluster information type: string required: - - key - - name + - kubeConfigPath type: object - required: - - secret + timeout: + description: Timeout modifies the discovery timeout + type: string + tlsBootstrapToken: + description: TLSBootstrapToken is a token used for TLS bootstrapping. If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token, but can be overridden. If .File is set, this field **must be set** in case the KubeConfigFile does not contain any other authentication information + type: string type: object - encoding: - description: Encoding specifies the encoding of - the file contents. - enum: - - base64 - - gzip - - gzip+base64 + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - owner: - description: Owner specifies the ownership of the - file, e.g. "root:root". - type: string - path: - description: Path specifies the full path on disk - where to store the file. - type: string - permissions: - description: Permissions specifies the permissions - to assign to the file, e.g. "0640". - type: string - required: - - path - type: object - type: array - format: - description: Format specifies the output format of the - bootstrap data - enum: - - cloud-config - - ignition - type: string - ignition: - description: Ignition contains Ignition specific configuration. - properties: - containerLinuxConfig: - description: ContainerLinuxConfig contains CLC specific - configuration. 
- properties: - additionalConfig: - description: "AdditionalConfig contains additional - configuration to be merged with the Ignition - configuration generated by the bootstrapper - controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging - \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/" - type: string - strict: - description: Strict controls if AdditionalConfig - should be strictly parsed. If so, warnings are - treated as errors. - type: boolean - type: object - type: object - initConfiguration: - description: InitConfiguration along with ClusterConfiguration - are the configurations necessary for the init command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - bootstrapTokens: - description: BootstrapTokens is respected at `kubeadm - init` time and describes a set of Bootstrap Tokens - to create. This information IS NOT uploaded to the - kubeadm cluster configmap, partly because of its - sensitive nature - items: - description: BootstrapToken describes one bootstrap - token, stored as a Secret in the cluster. + nodeRegistration: + description: NodeRegistration holds fields that relate to registering the new control-plane node to the cluster. When used in the context of control plane nodes, NodeRegistration should remain consistent across both InitConfiguration and JoinConfiguration properties: - description: - description: Description sets a human-friendly - message why this token exists and what it's - used for, so other administrators can know - its purpose. 
- type: string - expires: - description: Expires specifies the timestamp - when this token expires. Defaults to being - set dynamically at runtime based on the TTL. - Expires and TTL are mutually exclusive. - format: date-time + criSocket: + description: CRISocket is used to retrieve container runtime info. This information will be annotated to the Node API object, for later re-use type: string - groups: - description: Groups specifies the extra groups - that this token will authenticate as when/if - used for authentication + ignorePreflightErrors: + description: IgnorePreflightErrors provides a slice of pre-flight errors to be ignored when the current node is registered. items: type: string type: array - token: - description: Token is used for establishing - bidirectional trust between nodes and control-planes. - Used for joining nodes in the cluster. + imagePullPolicy: + description: ImagePullPolicy specifies the policy for image pulling during kubeadm "init" and "join" operations. The value of this field must be one of "Always", "IfNotPresent" or "Never". Defaults to "IfNotPresent". This can be used only with Kubernetes version equal to 1.22 and later. + enum: + - Always + - IfNotPresent + - Never type: string - ttl: - description: TTL defines the time to live for - this token. Defaults to 24h. Expires and TTL - are mutually exclusive. + kubeletExtraArgs: + additionalProperties: + type: string + description: KubeletExtraArgs passes through extra arguments to the kubelet. The arguments here are passed to the kubelet command line via the environment file kubeadm writes at runtime for the kubelet to source. This overrides the generic base-level configuration in the kubelet-config-1.X ConfigMap Flags have higher priority when parsing. These values are local and specific to the node kubeadm is executing on. 
+ type: object + name: + description: Name is the `.Metadata.Name` field of the Node API object that will be created in this `kubeadm init` or `kubeadm join` operation. This field is also used in the CommonName field of the kubelet's client certificate to the API server. Defaults to the hostname of the node if not provided. type: string - usages: - description: Usages describes the ways in which - this token can be used. Can by default be - used for establishing bidirectional trust, - but that can be changed here. + taints: + description: 'Taints specifies the taints the Node API object should be registered with. If this field is unset, i.e. nil, in the `kubeadm init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. If you don''t want to taint your control-plane node, set this field to an empty slice, i.e. `taints: []` in the YAML file. This field is solely used for Node registration.' items: - type: string + description: The node this Taint is attached to has the "effect" on any pod that does not tolerate the Taint. + properties: + effect: + description: Required. The effect of the taint on pods that do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Required. The taint key to be applied to a node. + type: string + timeAdded: + description: TimeAdded represents the time at which the taint was added. It is only written for NoExecute taints. + format: date-time + type: string + value: + description: The taint value corresponding to the taint key. + type: string + required: + - effect + - key + type: object type: array - required: - - token type: object + patches: + description: Patches contains options related to applying patches to components deployed by kubeadm during "kubeadm join". 
The minimum kubernetes version needed to support Patches is v1.22 + properties: + directory: + description: Directory is a path to a directory that contains files named "target[suffix][+patchtype].extension". For example, "kube-apiserver0+merge.yaml" or just "etcd.json". "target" can be one of "kube-apiserver", "kube-controller-manager", "kube-scheduler", "etcd". "patchtype" can be one of "strategic" "merge" or "json" and they match the patch formats supported by kubectl. The default "patchtype" is "strategic". "extension" must be either "json" or "yaml". "suffix" is an optional string that can be used to determine which patches are applied first alpha-numerically. These files can be written into the target directory via KubeadmConfig.Files which specifies additional files to be created on the machine, either with content inline or by referencing a secret. + type: string + type: object + skipPhases: + description: SkipPhases is a list of phases to skip during command execution. The list of phases can be obtained with the "kubeadm init --help" command. This option takes effect only on Kubernetes >=1.22.0. + items: + type: string + type: array + type: object + mounts: + description: Mounts specifies a list of mount points to be setup. + items: + description: MountPoints defines input for generated mounts in cloud-init. + items: + type: string type: array - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. 
More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: array + ntp: + description: NTP specifies NTP configuration + properties: + enabled: + description: Enabled specifies whether NTP should be enabled + type: boolean + servers: + description: Servers specifies which NTP servers to use + items: + type: string + type: array + type: object + postKubeadmCommands: + description: PostKubeadmCommands specifies extra commands to run after kubeadm runs + items: type: string - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance that's deployed on this - control plane node In HA setups, this differs from - ClusterConfiguration.ControlPlaneEndpoint in the - sense that ControlPlaneEndpoint is the global endpoint - for the cluster, which then loadbalances the requests - to each individual API server. This configuration - object lets you customize what IP/DNS name and port - the local API server advertises it's accessible - on. By default, kubeadm tries to auto-detect the - IP of the default interface and use that, but in - case that process fails you may set the desired - value here. + type: array + preKubeadmCommands: + description: PreKubeadmCommands specifies extra commands to run before kubeadm runs + items: + type: string + type: array + useExperimentalRetryJoin: + description: "UseExperimentalRetryJoin replaces a basic kubeadm command with a shell script with retries for joins. \n This is meant to be an experimental temporary workaround on some environments where joins fail due to timing (and other issues). The long term goal is to add retries to kubeadm proper and use that functionality. \n This will add about 40KB to userdata \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. \n Deprecated: This experimental fix is no longer needed and this field will be removed in a future release. 
When removing also remove from staticcheck exclude-rules for SA1019 in golangci.yml" + type: boolean + users: + description: Users specifies extra users to add + items: + description: User defines the input for a generated user in cloud-init. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP address - for the API server to advertise. + gecos: + description: Gecos specifies the gecos to use for the user type: string - bindPort: - description: BindPort sets the secure port for - the API Server to bind to. Defaults to 6443. - format: int32 - type: integer - type: object - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent - across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + groups: + description: Groups specifies the additional groups for the user type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a - slice of pre-flight errors to be ignored when - the current node is registered. - items: - type: string - type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and - "join" operations. The value of this field must - be one of "Always", "IfNotPresent" or "Never". - Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and - later. - enum: - - Always - - IfNotPresent - - Never + homeDir: + description: HomeDir specifies the home directory to use for the user type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. 
The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. - type: object + inactive: + description: Inactive specifies whether to mark the user as inactive + type: boolean + lockPassword: + description: LockPassword specifies if password login should be disabled + type: boolean name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. + description: Name specifies the user name type: string - taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: []` in the YAML file. This field is - solely used for Node registration.' - items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. - properties: - effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Required. The taint key to - be applied to a node. - type: string - timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. 
- format: date-time - type: string - value: - description: The taint value corresponding - to the taint key. - type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during - "kubeadm init". The minimum kubernetes version needed - to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory - that contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or - just "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", - "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats - supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" - or "yaml". "suffix" is an optional string that - can be used to determine which patches are applied - first alpha-numerically. These files can be - written into the target directory via KubeadmConfig.Files - which specifies additional files to be created - on the machine, either with content inline or - by referencing a secret. + passwd: + description: Passwd specifies a hashed password for the user type: string - type: object - skipPhases: - description: SkipPhases is a list of phases to skip - during command execution. The list of phases can - be obtained with the "kubeadm init --help" command. - This option takes effect only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - joinConfiguration: - description: JoinConfiguration is the kubeadm configuration - for the join command - properties: - apiVersion: - description: 'APIVersion defines the versioned schema - of this representation of an object. Servers should - convert recognized schemas to the latest internal - value, and may reject unrecognized values. 
More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - caCertPath: - description: 'CACertPath is the path to the SSL certificate - authority used to secure comunications between node - and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt". - TODO: revisit when there is defaulting from k/k' - type: string - controlPlane: - description: ControlPlane defines the additional control - plane instance to be deployed on the joining node. - If nil, no additional control plane instance will - be deployed. - properties: - localAPIEndpoint: - description: LocalAPIEndpoint represents the endpoint - of the API server instance to be deployed on - this node. + passwdFrom: + description: PasswdFrom is a referenced source of passwd to populate the passwd. properties: - advertiseAddress: - description: AdvertiseAddress sets the IP - address for the API server to advertise. - type: string - bindPort: - description: BindPort sets the secure port - for the API Server to bind to. Defaults - to 6443. - format: int32 - type: integer - type: object - type: object - discovery: - description: 'Discovery specifies the options for - the kubelet to use during the TLS Bootstrap process - TODO: revisit when there is defaulting from k/k' - properties: - bootstrapToken: - description: BootstrapToken is used to set the - options for bootstrap token based discovery - BootstrapToken and File are mutually exclusive - properties: - apiServerEndpoint: - description: APIServerEndpoint is an IP or - domain name to the API server from which - info will be fetched. - type: string - caCertHashes: - description: 'CACertHashes specifies a set - of public key pins to verify when token-based - discovery is used. The root CA found during - discovery must match one of these values. - Specifying an empty set disables root CA - pinning, which can be unsafe. Each hash - is specified as ":", where - the only currently supported type is "sha256". 
- This is a hex-encoded SHA-256 hash of the - Subject Public Key Info (SPKI) object in - DER-encoded ASN.1. These hashes can be calculated - using, for example, OpenSSL: openssl x509 - -pubkey -in ca.crt openssl rsa -pubin -outform - der 2>&/dev/null | openssl dgst -sha256 - -hex' - items: - type: string - type: array - token: - description: Token is a token used to validate - cluster information fetched from the control-plane. - type: string - unsafeSkipCAVerification: - description: UnsafeSkipCAVerification allows - token-based discovery without CA verification - via CACertHashes. This can weaken the security - of kubeadm since other nodes can impersonate - the control-plane. - type: boolean - required: - - token - type: object - file: - description: File is used to specify a file or - URL to a kubeconfig file from which to load - cluster information BootstrapToken and File - are mutually exclusive - properties: - kubeConfigPath: - description: KubeConfigPath is used to specify - the actual file path or URL to the kubeconfig - file from which to load cluster information - type: string + secret: + description: Secret represents a secret that should populate this password. + properties: + key: + description: Key is the key in the secret's data map for this value. + type: string + name: + description: Name of the secret in the KubeadmBootstrapConfig's namespace to use. + type: string + required: + - key + - name + type: object required: - - kubeConfigPath + - secret type: object - timeout: - description: Timeout modifies the discovery timeout - type: string - tlsBootstrapToken: - description: TLSBootstrapToken is a token used - for TLS bootstrapping. If .BootstrapToken is - set, this field is defaulted to .BootstrapToken.Token, - but can be overridden. 
If .File is set, this - field **must be set** in case the KubeConfigFile - does not contain any other authentication information + primaryGroup: + description: PrimaryGroup specifies the primary group for the user type: string - type: object - kind: - description: 'Kind is a string value representing - the REST resource this object represents. Servers - may infer this from the endpoint the client submits - requests to. Cannot be updated. In CamelCase. More - info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - nodeRegistration: - description: NodeRegistration holds fields that relate - to registering the new control-plane node to the - cluster. When used in the context of control plane - nodes, NodeRegistration should remain consistent - across both InitConfiguration and JoinConfiguration - properties: - criSocket: - description: CRISocket is used to retrieve container - runtime info. This information will be annotated - to the Node API object, for later re-use + shell: + description: Shell specifies the user's shell type: string - ignorePreflightErrors: - description: IgnorePreflightErrors provides a - slice of pre-flight errors to be ignored when - the current node is registered. + sshAuthorizedKeys: + description: SSHAuthorizedKeys specifies a list of ssh authorized keys for the user items: type: string type: array - imagePullPolicy: - description: ImagePullPolicy specifies the policy - for image pulling during kubeadm "init" and - "join" operations. The value of this field must - be one of "Always", "IfNotPresent" or "Never". - Defaults to "IfNotPresent". This can be used - only with Kubernetes version equal to 1.22 and - later. - enum: - - Always - - IfNotPresent - - Never - type: string - kubeletExtraArgs: - additionalProperties: - type: string - description: KubeletExtraArgs passes through extra - arguments to the kubelet. 
The arguments here - are passed to the kubelet command line via the - environment file kubeadm writes at runtime for - the kubelet to source. This overrides the generic - base-level configuration in the kubelet-config-1.X - ConfigMap Flags have higher priority when parsing. - These values are local and specific to the node - kubeadm is executing on. - type: object - name: - description: Name is the `.Metadata.Name` field - of the Node API object that will be created - in this `kubeadm init` or `kubeadm join` operation. - This field is also used in the CommonName field - of the kubelet's client certificate to the API - server. Defaults to the hostname of the node - if not provided. - type: string - taints: - description: 'Taints specifies the taints the - Node API object should be registered with. If - this field is unset, i.e. nil, in the `kubeadm - init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}. - If you don''t want to taint your control-plane - node, set this field to an empty slice, i.e. - `taints: []` in the YAML file. This field is - solely used for Node registration.' - items: - description: The node this Taint is attached - to has the "effect" on any pod that does not - tolerate the Taint. - properties: - effect: - description: Required. The effect of the - taint on pods that do not tolerate the - taint. Valid effects are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Required. The taint key to - be applied to a node. - type: string - timeAdded: - description: TimeAdded represents the time - at which the taint was added. It is only - written for NoExecute taints. - format: date-time - type: string - value: - description: The taint value corresponding - to the taint key. 
- type: string - required: - - effect - - key - type: object - type: array - type: object - patches: - description: Patches contains options related to applying - patches to components deployed by kubeadm during - "kubeadm join". The minimum kubernetes version needed - to support Patches is v1.22 - properties: - directory: - description: Directory is a path to a directory - that contains files named "target[suffix][+patchtype].extension". - For example, "kube-apiserver0+merge.yaml" or - just "etcd.json". "target" can be one of "kube-apiserver", - "kube-controller-manager", "kube-scheduler", - "etcd". "patchtype" can be one of "strategic" - "merge" or "json" and they match the patch formats - supported by kubectl. The default "patchtype" - is "strategic". "extension" must be either "json" - or "yaml". "suffix" is an optional string that - can be used to determine which patches are applied - first alpha-numerically. These files can be - written into the target directory via KubeadmConfig.Files - which specifies additional files to be created - on the machine, either with content inline or - by referencing a secret. + sudo: + description: Sudo specifies a sudo role for the user type: string + required: + - name type: object - skipPhases: - description: SkipPhases is a list of phases to skip - during command execution. The list of phases can - be obtained with the "kubeadm init --help" command. - This option takes effect only on Kubernetes >=1.22.0. - items: - type: string - type: array - type: object - mounts: - description: Mounts specifies a list of mount points to - be setup. - items: - description: MountPoints defines input for generated - mounts in cloud-init. 
- items: - type: string type: array - type: array - ntp: - description: NTP specifies NTP configuration - properties: - enabled: - description: Enabled specifies whether NTP should - be enabled - type: boolean - servers: - description: Servers specifies which NTP servers to - use - items: - type: string - type: array - type: object - postKubeadmCommands: - description: PostKubeadmCommands specifies extra commands - to run after kubeadm runs - items: - type: string - type: array - preKubeadmCommands: - description: PreKubeadmCommands specifies extra commands - to run before kubeadm runs - items: - type: string - type: array - useExperimentalRetryJoin: - description: "UseExperimentalRetryJoin replaces a basic - kubeadm command with a shell script with retries for - joins. \n This is meant to be an experimental temporary - workaround on some environments where joins fail due - to timing (and other issues). The long term goal is - to add retries to kubeadm proper and use that functionality. - \n This will add about 40KB to userdata \n For more - information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055. - \n Deprecated: This experimental fix is no longer needed - and this field will be removed in a future release. - When removing also remove from staticcheck exclude-rules - for SA1019 in golangci.yml" - type: boolean - users: - description: Users specifies extra users to add - items: - description: User defines the input for a generated - user in cloud-init. + verbosity: + description: Verbosity is the number for the kubeadm log level verbosity. It overrides the `--v` flag in kubeadm commands. + format: int32 + type: integer + type: object + machineTemplate: + description: MachineTemplate contains information about how machines should be shaped when creating or updating a control plane. + properties: + metadata: + description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - gecos: - description: Gecos specifies the gecos to use for - the user - type: string - groups: - description: Groups specifies the additional groups - for the user - type: string - homeDir: - description: HomeDir specifies the home directory - to use for the user - type: string - inactive: - description: Inactive specifies whether to mark - the user as inactive - type: boolean - lockPassword: - description: LockPassword specifies if password - login should be disabled - type: boolean - name: - description: Name specifies the user name - type: string - passwd: - description: Passwd specifies a hashed password - for the user - type: string - passwdFrom: - description: PasswdFrom is a referenced source of - passwd to populate the passwd. - properties: - secret: - description: Secret represents a secret that - should populate this password. - properties: - key: - description: Key is the key in the secret's - data map for this value. - type: string - name: - description: Name of the secret in the KubeadmBootstrapConfig's - namespace to use. - type: string - required: - - key - - name - type: object - required: - - secret + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' type: object - primaryGroup: - description: PrimaryGroup specifies the primary - group for the user - type: string - shell: - description: Shell specifies the user's shell - type: string - sshAuthorizedKeys: - description: SSHAuthorizedKeys specifies a list - of ssh authorized keys for the user - items: + labels: + additionalProperties: type: string - type: array - sudo: - description: Sudo specifies a sudo role for the - user - type: string - required: - - name + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object type: object - type: array - verbosity: - description: Verbosity is the number for the kubeadm log - level verbosity. It overrides the `--v` flag in kubeadm - commands. - format: int32 - type: integer - type: object - machineTemplate: - description: MachineTemplate contains information about how - machines should be shaped when creating or updating a control - plane. - properties: - metadata: - description: 'Standard object''s metadata. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. - They are not queryable and should be preserved when - modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can - be used to organize and categorize (scope and select) - objects. May match selectors of replication controllers - and services. 
More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - machine controller will attempt to delete the Node that - the Machine hosts after the Machine is marked for deletion. - A duration of 0 will retry deletion indefinitely. If - no value is provided, the default value for this property - of the Machine resource will be used. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a controlplane - node The default value is 0, meaning that the node can - be drained without any time limitations. NOTE: NodeDrainTimeout - is different from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, - meaning that the volumes can be detached without any - time limitations. - type: string - type: object - remediationStrategy: - description: The RemediationStrategy that controls how control - plane machine remediation happens. - properties: - maxRetry: - description: "MaxRetry is the Max number of retries while - attempting to remediate an unhealthy machine. A retry - happens when a machine that was created as a replacement - for an unhealthy machine also fails. For example, given - a control plane with three machines M1, M2, M3: \n M1 - become unhealthy; remediation happens, and M1-1 is created - as a replacement. If M1-1 (replacement of M1) has problems - while bootstrapping it will become unhealthy, and then - be remediated; such operation is considered a retry, - remediation-retry #1. If M1-2 (replacement of M1-1) - becomes unhealthy, remediation-retry #2 will happen, - etc. \n A retry could happen only after RetryPeriod - from the previous retry. 
If a machine is marked as unhealthy - after MinHealthyPeriod from the previous remediation - expired, this is not considered a retry anymore because - the new issue is assumed unrelated from the previous - one. \n If not set, the remedation will be retried infinitely." - format: int32 - type: integer - minHealthyPeriod: - description: "MinHealthyPeriod defines the duration after - which KCP will consider any failure to a machine unrelated - from the previous one. In this case the remediation - is not considered a retry anymore, and thus the retry - counter restarts from 0. For example, assuming MinHealthyPeriod - is set to 1h (default) \n M1 become unhealthy; remediation - happens, and M1-1 is created as a replacement. If M1-1 - (replacement of M1) has problems within the 1hr after - the creation, also this machine will be remediated and - this operation is considered a retry - a problem related - to the original issue happened to M1 -. \n If instead - the problem on M1-1 is happening after MinHealthyPeriod - expired, e.g. four days after m1-1 has been created - as a remediation of M1, the problem on M1-1 is considered - unrelated to the original issue happened to M1. \n If - not set, this value is defaulted to 1h." - type: string - retryPeriod: - description: "RetryPeriod is the duration that KCP should - wait before remediating a machine being created as a - replacement for an unhealthy machine (a retry). \n If - not set, a retry will happen immediately." - type: string - type: object - rolloutAfter: - description: RolloutAfter is a field to indicate a rollout - should be performed after the specified time even if no - changes have been made to the KubeadmControlPlane. - format: date-time - type: string - rolloutBefore: - description: RolloutBefore is a field to indicate a rollout - should be performed if the specified criteria is met. 
- properties: - certificatesExpiryDays: - description: CertificatesExpiryDays indicates a rollout - needs to be performed if the certificates of the machine - will expire within the specified days. - format: int32 - type: integer - type: object - rolloutStrategy: - default: - rollingUpdate: - maxSurge: 1 - type: RollingUpdate - description: The RolloutStrategy to use to replace control - plane machines with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only - if RolloutStrategyType = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of control planes - that can be scheduled above or under the desired - number of control planes. Value can be an absolute - number 1 or 0. Defaults to 1. Example: when this - is set to 1, the control plane can be scaled up - immediately when the rolling update starts.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of rollout. Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. - type: string - type: object - required: - - kubeadmConfigSpec - type: object - required: - - spec - type: object - required: - - template - type: object - type: object - served: true - storage: true - subresources: {} + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the machine controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. If no value is provided, the default value for this property of the Machine resource will be used. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a controlplane node The default value is 0, meaning that the node can be drained without any time limitations. 
NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + type: object + remediationStrategy: + description: The RemediationStrategy that controls how control plane machine remediation happens. + properties: + maxRetry: + description: "MaxRetry is the Max number of retries while attempting to remediate an unhealthy machine. A retry happens when a machine that was created as a replacement for an unhealthy machine also fails. For example, given a control plane with three machines M1, M2, M3: \n M1 become unhealthy; remediation happens, and M1-1 is created as a replacement. If M1-1 (replacement of M1) has problems while bootstrapping it will become unhealthy, and then be remediated; such operation is considered a retry, remediation-retry #1. If M1-2 (replacement of M1-1) becomes unhealthy, remediation-retry #2 will happen, etc. \n A retry could happen only after RetryPeriod from the previous retry. If a machine is marked as unhealthy after MinHealthyPeriod from the previous remediation expired, this is not considered a retry anymore because the new issue is assumed unrelated from the previous one. \n If not set, the remedation will be retried infinitely." + format: int32 + type: integer + minHealthyPeriod: + description: "MinHealthyPeriod defines the duration after which KCP will consider any failure to a machine unrelated from the previous one. In this case the remediation is not considered a retry anymore, and thus the retry counter restarts from 0. For example, assuming MinHealthyPeriod is set to 1h (default) \n M1 become unhealthy; remediation happens, and M1-1 is created as a replacement. 
If M1-1 (replacement of M1) has problems within the 1hr after the creation, also this machine will be remediated and this operation is considered a retry - a problem related to the original issue happened to M1 -. \n If instead the problem on M1-1 is happening after MinHealthyPeriod expired, e.g. four days after m1-1 has been created as a remediation of M1, the problem on M1-1 is considered unrelated to the original issue happened to M1. \n If not set, this value is defaulted to 1h." + type: string + retryPeriod: + description: "RetryPeriod is the duration that KCP should wait before remediating a machine being created as a replacement for an unhealthy machine (a retry). \n If not set, a retry will happen immediately." + type: string + type: object + rolloutAfter: + description: RolloutAfter is a field to indicate a rollout should be performed after the specified time even if no changes have been made to the KubeadmControlPlane. + format: date-time + type: string + rolloutBefore: + description: RolloutBefore is a field to indicate a rollout should be performed if the specified criteria is met. + properties: + certificatesExpiryDays: + description: CertificatesExpiryDays indicates a rollout needs to be performed if the certificates of the machine will expire within the specified days. + format: int32 + type: integer + type: object + rolloutStrategy: + default: + rollingUpdate: + maxSurge: 1 + type: RollingUpdate + description: The RolloutStrategy to use to replace control plane machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can be scheduled above or under the desired number of control planes. Value can be an absolute number 1 or 0. Defaults to 1. 
Example: when this is set to 1, the control plane can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of rollout. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + required: + - kubeadmConfigSpec + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} status: acceptedNames: kind: "" @@ -6479,29 +4311,29 @@ metadata: name: capi-kubeadm-control-plane-leader-election-role namespace: capi-kubeadm-control-plane-system rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- aggregationRule: clusterRoleSelectors: - - matchLabels: - kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true" + - matchLabels: + kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true" apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: 
@@ -6520,83 +4352,83 @@ metadata: kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true" name: capi-kubeadm-control-plane-manager-role rules: -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - bootstrap.cluster.x-k8s.io - - controlplane.cluster.x-k8s.io - - infrastructure.cluster.x-k8s.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - clusters/status - verbs: - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - - machines/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - get - - list - - patch - - update - - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - bootstrap.cluster.x-k8s.io + - controlplane.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + verbs: + - get + - list + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + 
resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -6612,9 +4444,9 @@ roleRef: kind: Role name: capi-kubeadm-control-plane-leader-election-role subjects: -- kind: ServiceAccount - name: capi-kubeadm-control-plane-manager - namespace: capi-kubeadm-control-plane-system + - kind: ServiceAccount + name: capi-kubeadm-control-plane-manager + namespace: capi-kubeadm-control-plane-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -6629,9 +4461,9 @@ roleRef: kind: ClusterRole name: capi-kubeadm-control-plane-aggregated-manager-role subjects: -- kind: ServiceAccount - name: capi-kubeadm-control-plane-manager - namespace: capi-kubeadm-control-plane-system + - kind: ServiceAccount + name: capi-kubeadm-control-plane-manager + namespace: capi-kubeadm-control-plane-system --- apiVersion: v1 kind: Service @@ -6643,8 +4475,8 @@ metadata: namespace: capi-kubeadm-control-plane-system spec: ports: - - port: 443 - targetPort: webhook-server + - port: 443 + targetPort: webhook-server selector: cluster.x-k8s.io/provider: control-plane-kubeadm --- 
@@ -6673,60 +4505,60 @@ spec: control-plane: controller-manager spec: containers: - - args: - - --leader-elect - - --diagnostics-address=:8443 - - --insecure-diagnostics=false - - --feature-gates=ClusterTopology=true,KubeadmBootstrapFormatIgnition=false - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_UID - valueFrom: - fieldRef: - fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - - containerPort: 8443 - name: metrics - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsGroup: 65532 - runAsUser: 65532 - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true + - args: + - --leader-elect + - --diagnostics-address=:8443 + - --insecure-diagnostics=false + - --feature-gates=ClusterTopology=true,KubeadmBootstrapFormatIgnition=false + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.2 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + - containerPort: 8443 + name: metrics + protocol: TCP + 
readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsUser: 65532 + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true securityContext: runAsNonRoot: true seccompProfile: @@ -6734,14 +4566,14 @@ spec: serviceAccountName: capi-kubeadm-control-plane-manager terminationGracePeriodSeconds: 10 tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane volumes: - - name: cert - secret: - secretName: capi-kubeadm-control-plane-webhook-service-cert + - name: cert + secret: + secretName: capi-kubeadm-control-plane-webhook-service-cert status: {} --- apiVersion: cert-manager.io/v1 @@ -6754,15 +4586,15 @@ metadata: namespace: capi-kubeadm-control-plane-system spec: dnsNames: - - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc - - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc.cluster.local + - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc + - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc.cluster.local issuerRef: kind: Issuer name: capi-kubeadm-control-plane-selfsigned-issuer secretName: capi-kubeadm-control-plane-webhook-service-cert subject: organizations: - - k8s-sig-cluster-lifecycle + - k8s-sig-cluster-lifecycle --- apiVersion: cert-manager.io/v1 kind: Issuer 
@@ -6786,49 +4618,49 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-control-plane-webhook-service - namespace: capi-kubeadm-control-plane-system - path: /mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane - failurePolicy: Fail - matchPolicy: Equivalent - name: default.kubeadmcontrolplane.controlplane.cluster.x-k8s.io - rules: - - apiGroups: - - controlplane.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmcontrolplanes - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-control-plane-webhook-service - namespace: capi-kubeadm-control-plane-system - path: /mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate - failurePolicy: Fail - name: default.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io - rules: - - apiGroups: - - controlplane.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmcontrolplanetemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-control-plane-webhook-service + namespace: capi-kubeadm-control-plane-system + path: /mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane + failurePolicy: Fail + matchPolicy: Equivalent + name: default.kubeadmcontrolplane.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmcontrolplanes + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-control-plane-webhook-service + namespace: capi-kubeadm-control-plane-system + path: 
/mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate + failurePolicy: Fail + name: default.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmcontrolplanetemplates + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration 
@@ -6841,67 +4673,67 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-kubeadm-control-plane-validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-control-plane-webhook-service - namespace: capi-kubeadm-control-plane-system - path: /validate-scale-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane - failurePolicy: Fail - matchPolicy: Equivalent - name: validation-scale.kubeadmcontrolplane.controlplane.cluster.x-k8s.io - rules: - - apiGroups: - - controlplane.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - UPDATE - resources: - - kubeadmcontrolplanes/scale - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-control-plane-webhook-service - namespace: capi-kubeadm-control-plane-system - path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.kubeadmcontrolplane.controlplane.cluster.x-k8s.io - rules: - - apiGroups: - - controlplane.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmcontrolplanes - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-kubeadm-control-plane-webhook-service - namespace: capi-kubeadm-control-plane-system - path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate - failurePolicy: Fail - name: validation.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io - rules: - - apiGroups: - - controlplane.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - kubeadmcontrolplanetemplates - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-control-plane-webhook-service + namespace: capi-kubeadm-control-plane-system + path: 
/validate-scale-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane + failurePolicy: Fail + matchPolicy: Equivalent + name: validation-scale.kubeadmcontrolplane.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - UPDATE + resources: + - kubeadmcontrolplanes/scale + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-control-plane-webhook-service + namespace: capi-kubeadm-control-plane-system + path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.kubeadmcontrolplane.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmcontrolplanes + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-kubeadm-control-plane-webhook-service + namespace: capi-kubeadm-control-plane-system + path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate + failurePolicy: Fail + name: validation.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - kubeadmcontrolplanetemplates + sideEffects: None diff --git a/infra/capi/cluster-capi/cluster-api-core.yaml b/infra/capi/cluster-capi/cluster-api-core.yaml index 76d6a15..8744053 100644 --- a/infra/capi/cluster-capi/cluster-api-core.yaml +++ b/infra/capi/cluster-capi/cluster-api-core.yaml 
@@ -29,2224 +29,1192 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: ClusterClass listKind: ClusterClassList plural: clusterclasses shortNames: - - cc + - cc singular: clusterclass scope: Namespaced versions: - - additionalPrinterColumns: - - description: Time duration since creation of ClusterClass - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "ClusterClass is a template which can be used to create managed - topologies. \n Deprecated: This type will be removed in one of the next - releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterClassSpec describes the desired state of the ClusterClass. - properties: - controlPlane: - description: ControlPlane is a reference to a local struct that holds - the details for provisioning the Control Plane for the Cluster. - properties: - machineInfrastructure: - description: "MachineTemplate defines the metadata and infrastructure - information for control plane machines. 
\n This field is supported - if and only if the control plane provider template referenced - above is Machine based and supports setting replicas." - properties: - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - metadata: - description: "Metadata is the metadata applied to the machines - of the ControlPlane. At runtime this metadata is merged with - the corresponding metadata from the topology. \n This field - is supported if and only if the control plane provider template - referenced is Machine based." - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. 
TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - infrastructure: - description: Infrastructure is a reference to a provider-specific - template that holds the details for provisioning infrastructure - specific cluster for the underlying provider. The underlying provider - is responsible for the implementation of the template to an infrastructure - cluster. - properties: - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - workers: - description: Workers describes the worker nodes for the cluster. It - is a collection of node types which can be used to create the worker - nodes of the cluster. - properties: - machineDeployments: - description: MachineDeployments is a list of machine deployment - classes that can be used to create a set of worker nodes. - items: - description: MachineDeploymentClass serves as a template to - define a set of worker nodes of the cluster provisioned using - the `ClusterClass`. 
+ - additionalPrinterColumns: + - description: Time duration since creation of ClusterClass + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterClass is a template which can be used to create managed topologies. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterClassSpec describes the desired state of the ClusterClass. + properties: + controlPlane: + description: ControlPlane is a reference to a local struct that holds the details for provisioning the Control Plane for the Cluster. + properties: + machineInfrastructure: + description: "MachineTemplate defines the metadata and infrastructure information for control plane machines. \n This field is supported if and only if the control plane provider template referenced above is Machine based and supports setting replicas." properties: - class: - description: Class denotes a type of worker node present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachineDeployment. 
- type: string - template: - description: Template is a local struct containing a collection - of templates for creation of MachineDeployment objects - representing a set of worker nodes. - properties: - bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of worker Machines. - properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - worker Machines. - properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - metadata: - description: Metadata is the metadata applied to the - machines of the MachineDeployment. At runtime this - metadata is merged with the corresponding metadata - from the topology. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - required: - - bootstrap - - infrastructure - type: object - required: - - class - - template - type: object - type: array - type: object - type: object - type: object - served: false - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Time duration since creation of ClusterClass - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: ClusterClass is a template which can be used to create managed - topologies. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterClassSpec describes the desired state of the ClusterClass. - properties: - controlPlane: - description: ControlPlane is a reference to a local struct that holds - the details for provisioning the Control Plane for the Cluster. - properties: - machineHealthCheck: - description: MachineHealthCheck defines a MachineHealthCheck for - this ControlPlaneClass. This field is supported if and only - if the ControlPlane provider template referenced above is Machine - based and supports setting replicas. 
- properties: - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at - most "MaxUnhealthy" machines selected by "selector" are - not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node - will be considered to have failed and will be remediated. - If you wish to disable this feature, set the value explicitly - to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This - field is completely optional, when filled, the MachineHealthCheck - controller creates a new object from the template referenced - and hands off remediation of the machine to a controller - that lives outside of Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The - conditions are combined in a logical OR, i.e. if any of - the conditions is met, the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition - type and value with a timeout specified as a duration. When - the named condition has been in the given status for at - least the timeout value, a node is considered unhealthy. + ref: + description: Ref is a required reference to a custom resource offered by a provider. properties: - status: - minLength: 1 + apiVersion: + description: API version of the referent. type: string - timeout: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). 
This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - type: - minLength: 1 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - status - - timeout - - type type: object - type: array - unhealthyRange: - description: 'Any further remediation is only allowed if the - number of machines selected by "selector" as not healthy - is within the range of "UnhealthyRange". Takes precedence - over MaxUnhealthy. Eg. "[3-5]" - This means that remediation - will be allowed only when: (a) there are at least 3 unhealthy - machines (and) (b) there are at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object - machineInfrastructure: - description: "MachineInfrastructure defines the metadata and infrastructure - information for control plane machines. \n This field is supported - if and only if the control plane provider template referenced - above is Machine based and supports setting replicas." 
- properties: - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: "Metadata is the metadata applied to the machines of the ControlPlane. At runtime this metadata is merged with the corresponding metadata from the topology. \n This field is supported if and only if the control plane provider template referenced is Machine based." 
+ properties: + annotations: + additionalProperties: type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - type: object - x-kubernetes-map-type: atomic - required: + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: - ref - type: object - metadata: - description: "Metadata is the metadata applied to the ControlPlane - and the Machines of the ControlPlane if the ControlPlaneTemplate - referenced is machine based. If not, it is applied only to the - ControlPlane. At runtime this metadata is merged with the corresponding - metadata from the topology. \n This field is supported if and - only if the control plane provider template referenced is Machine - based." - properties: - annotations: - additionalProperties: + type: object + infrastructure: + description: Infrastructure is a reference to a provider-specific template that holds the details for provisioning infrastructure specific cluster for the underlying provider. The underlying provider is responsible for the implementation of the template to an infrastructure cluster. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - namingStrategy: - description: NamingStrategy allows changing the naming pattern - used when creating the control plane provider object. - properties: - template: - description: 'Template defines the template to use for generating - the name of the ControlPlane object. If not defined, it - will fallback to `{{ .cluster.name }}-{{ .random }}`. If - the templated string exceeds 63 characters, it will be trimmed - to 58 characters and will get concatenated with a random - suffix of length 5. The templating mechanism provides the - following arguments: * `.cluster.name`: The name of the - cluster object. * `.random`: A random alphanumeric string, - without vowels, of length 5.' - type: string - type: object - nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. 
A duration of 0 will retry - deletion indefinitely. Defaults to 10 seconds. NOTE: This value - can be overridden while defining a Cluster.Topology.' - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that - the controller will spend on draining a node. The default value - is 0, meaning that the node can be drained without any time - limitations. NOTE: NodeDrainTimeout is different from `kubectl - drain --timeout` NOTE: This value can be overridden while defining - a Cluster.Topology.' - type: string - nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount of time - that the controller will spend on waiting for all volumes to - be detached. The default value is 0, meaning that the volumes - can be detached without any time limitations. NOTE: This value - can be overridden while defining a Cluster.Topology.' - type: string - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - infrastructure: - description: Infrastructure is a reference to a provider-specific - template that holds the details for provisioning infrastructure - specific cluster for the underlying provider. The underlying provider - is responsible for the implementation of the template to an infrastructure - cluster. - properties: - ref: - description: Ref is a required reference to a custom resource - offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). 
This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - patches: - description: 'Patches defines the patches which are applied to customize - referenced templates of a ClusterClass. Note: Patches will be applied - in the order of the array.' - items: - description: ClusterClassPatch defines a patch which is applied - to customize the referenced templates. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + workers: + description: Workers describes the worker nodes for the cluster. It is a collection of node types which can be used to create the worker nodes of the cluster. properties: - definitions: - description: 'Definitions define inline patches. Note: Patches - will be applied in the order of the array. Note: Exactly one - of Definitions or External must be set.' + machineDeployments: + description: MachineDeployments is a list of machine deployment classes that can be used to create a set of worker nodes. items: - description: PatchDefinition defines a patch which is applied - to customize the referenced templates. + description: MachineDeploymentClass serves as a template to define a set of worker nodes of the cluster provisioned using the `ClusterClass`. properties: - jsonPatches: - description: 'JSONPatches defines the patches which should - be applied on the templates matching the selector. Note: - Patches will be applied in the order of the array.' - items: - description: JSONPatch defines a JSON patch. - properties: - op: - description: 'Op defines the operation of the patch. - Note: Only `add`, `replace` and `remove` are supported.' - type: string - path: - description: 'Path defines the path of the patch. - Note: Only the spec of a template can be patched, - thus the path has to start with /spec/. 
Note: - For now the only allowed array modifications are - `append` and `prepend`, i.e.: * for op: `add`: - only index 0 (prepend) and - (append) are allowed - * for op: `replace` or `remove`: no indexes are - allowed' - type: string - value: - description: 'Value defines the value of the patch. - Note: Either Value or ValueFrom is required for - add and replace operations. Only one of them is - allowed to be set at the same time. Note: We have - to use apiextensionsv1.JSON instead of our JSON - type, because controller-tools has a hard-coded - schema for apiextensionsv1.JSON which cannot be - produced by another type (unset type field). Ref: - https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - valueFrom: - description: 'ValueFrom defines the value of the - patch. Note: Either Value or ValueFrom is required - for add and replace operations. Only one of them - is allowed to be set at the same time.' - properties: - template: - description: 'Template is the Go template to - be used to calculate the value. A template - can reference variables defined in .spec.variables - and builtin variables. Note: The template - must evaluate to a valid YAML or JSON value.' - type: string - variable: - description: Variable is the variable to be - used as value. Variable can be one of the - variables defined in .spec.variables or a - builtin variable. - type: string - type: object - required: - - op - - path - type: object - type: array - selector: - description: Selector defines on which templates the patch - should be applied. + class: + description: Class denotes a type of worker node present in the cluster, this name MUST be unique within a ClusterClass and can be referenced in the Cluster to create a managed MachineDeployment. 
+ type: string + template: + description: Template is a local struct containing a collection of templates for creation of MachineDeployment objects representing a set of worker nodes. properties: - apiVersion: - description: APIVersion filters templates by apiVersion. - type: string - kind: - description: Kind filters templates by kind. - type: string - matchResources: - description: MatchResources selects templates based - on where they are referenced. + bootstrap: + description: Bootstrap contains the bootstrap template reference to be used for the creation of worker Machines. properties: - controlPlane: - description: 'ControlPlane selects templates referenced - in .spec.ControlPlane. Note: this will match - the controlPlane and also the controlPlane machineInfrastructure - (depending on the kind and apiVersion).' - type: boolean - infrastructureCluster: - description: InfrastructureCluster selects templates - referenced in .spec.infrastructure. - type: boolean - machineDeploymentClass: - description: MachineDeploymentClass selects templates - referenced in specific MachineDeploymentClasses - in .spec.workers.machineDeployments. + ref: + description: Ref is a required reference to a custom resource offered by a provider. properties: - names: - description: Names selects templates by class - names. - items: - type: string - type: array + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). 
This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object - machinePoolClass: - description: MachinePoolClass selects templates - referenced in specific MachinePoolClasses in - .spec.workers.machinePools. + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure template reference to be used for the creation of worker Machines. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. properties: - names: - description: Names selects templates by class - names. - items: - type: string - type: array + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: Metadata is the metadata applied to the machines of the MachineDeployment. At runtime this metadata is merged with the corresponding metadata from the topology. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' type: object type: object required: - - apiVersion - - kind - - matchResources + - bootstrap + - infrastructure type: object required: - - jsonPatches - - selector + - class + - template type: object type: array - description: - description: Description is a human-readable description of - this patch. - type: string - enabledIf: - description: EnabledIf is a Go template to be used to calculate - if a patch should be enabled. It can reference variables defined - in .spec.variables and builtin variables. The patch will be - enabled if the template evaluates to `true`, otherwise it - will be disabled. If EnabledIf is not set, the patch will - be enabled per default. - type: string - external: - description: 'External defines an external patch. Note: Exactly - one of Definitions or External must be set.' + type: object + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterClass + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterClass is a template which can be used to create managed topologies. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterClassSpec describes the desired state of the ClusterClass. + properties: + controlPlane: + description: ControlPlane is a reference to a local struct that holds the details for provisioning the Control Plane for the Cluster. + properties: + machineHealthCheck: + description: MachineHealthCheck defines a MachineHealthCheck for this ControlPlaneClass. This field is supported if and only if the ControlPlane provider template referenced above is Machine based and supports setting replicas. properties: - discoverVariablesExtension: - description: DiscoverVariablesExtension references an extension - which is called to discover variables. - type: string - generateExtension: - description: GenerateExtension references an extension which - is called to generate patches. + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If you wish to disable this feature, set the value explicitly to 0. type: string - settings: - additionalProperties: - type: string - description: Settings defines key value pairs to be passed - to the extensions. Values defined here take precedence - over the values defined in the corresponding ExtensionConfig. 
+ remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object - validateExtension: - description: ValidateExtension references an extension which - is called to validate the topology. + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ type: string type: object - name: - description: Name of the patch. - type: string - required: - - name - type: object - type: array - variables: - description: Variables defines the variables which can be configured - in the Cluster topology and are then used in patches. - items: - description: ClusterClassVariable defines a variable which can be - configured in the Cluster topology and used in patches. - properties: - name: - description: Name of the variable. - type: string - required: - description: 'Required specifies if the variable is required. 
- Note: this applies to the variable as a whole and thus the - top-level object defined in the schema. If nested fields are - required, this will be specified inside the schema.' - type: boolean - schema: - description: Schema defines the schema of the variable. + machineInfrastructure: + description: "MachineInfrastructure defines the metadata and infrastructure information for control plane machines. \n This field is supported if and only if the control plane provider template referenced above is Machine based and supports setting replicas." properties: - openAPIV3Schema: - description: OpenAPIV3Schema defines the schema of a variable - via OpenAPI v3 schema. The schema is a subset of the schema - used in Kubernetes CRDs. + ref: + description: Ref is a required reference to a custom resource offered by a provider. properties: - additionalProperties: - description: 'AdditionalProperties specifies the schema - of values in a map (keys are always strings). NOTE: - Can only be set if type is object. NOTE: AdditionalProperties - is mutually exclusive with Properties. NOTE: This - field uses PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' - x-kubernetes-preserve-unknown-fields: true - default: - description: 'Default is the default value of the variable. - NOTE: Can be set for all types.' - x-kubernetes-preserve-unknown-fields: true - description: - description: Description is a human-readable description - of this variable. + apiVersion: + description: API version of the referent. type: string - enum: - description: 'Enum is the list of valid values of the - variable. NOTE: Can be set for all types.' - items: - x-kubernetes-preserve-unknown-fields: true - type: array - example: - description: Example is an example for this variable. - x-kubernetes-preserve-unknown-fields: true - exclusiveMaximum: - description: 'ExclusiveMaximum specifies if the Maximum - is exclusive. NOTE: Can only be set if type is integer - or number.' 
- type: boolean - exclusiveMinimum: - description: 'ExclusiveMinimum specifies if the Minimum - is exclusive. NOTE: Can only be set if type is integer - or number.' - type: boolean - format: - description: 'Format is an OpenAPI v3 format string. - Unknown formats are ignored. For a list of supported - formats please see: (of the k8s.io/apiextensions-apiserver - version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go - NOTE: Can only be set if type is string.' + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - items: - description: 'Items specifies fields of an array. NOTE: - Can only be set if type is array. NOTE: This field - uses PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' - x-kubernetes-preserve-unknown-fields: true - maxItems: - description: 'MaxItems is the max length of an array - variable. NOTE: Can only be set if type is array.' - format: int64 - type: integer - maxLength: - description: 'MaxLength is the max length of a string - variable. NOTE: Can only be set if type is string.' - format: int64 - type: integer - maximum: - description: 'Maximum is the maximum of an integer or - number variable. If ExclusiveMaximum is false, the - variable is valid if it is lower than, or equal to, - the value of Maximum. 
If ExclusiveMaximum is true, - the variable is valid if it is strictly lower than - the value of Maximum. NOTE: Can only be set if type - is integer or number.' - format: int64 - type: integer - minItems: - description: 'MinItems is the min length of an array - variable. NOTE: Can only be set if type is array.' - format: int64 - type: integer - minLength: - description: 'MinLength is the min length of a string - variable. NOTE: Can only be set if type is string.' - format: int64 - type: integer - minimum: - description: 'Minimum is the minimum of an integer or - number variable. If ExclusiveMinimum is false, the - variable is valid if it is greater than, or equal - to, the value of Minimum. If ExclusiveMinimum is true, - the variable is valid if it is strictly greater than - the value of Minimum. NOTE: Can only be set if type - is integer or number.' - format: int64 - type: integer - pattern: - description: 'Pattern is the regex which a string variable - must match. NOTE: Can only be set if type is string.' + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - properties: - description: 'Properties specifies fields of an object. - NOTE: Can only be set if type is object. NOTE: Properties - is mutually exclusive with AdditionalProperties. NOTE: - This field uses PreserveUnknownFields and Schemaless, - because recursive validation is not possible.' - x-kubernetes-preserve-unknown-fields: true - required: - description: 'Required specifies which fields of an - object are required. NOTE: Can only be set if type - is object.' - items: - type: string - type: array - type: - description: 'Type is the type of the variable. Valid - values are: object, array, string, integer, number - or boolean.' + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - uniqueItems: - description: 'UniqueItems specifies if items in an array - must be unique. NOTE: Can only be set if type is array.' - type: boolean - x-kubernetes-preserve-unknown-fields: - description: XPreserveUnknownFields allows setting fields - in a variable object which are not defined in the - variable schema. This affects fields recursively, - except if nested properties or additionalProperties - are specified in the schema. - type: boolean - required: - - type type: object + x-kubernetes-map-type: atomic required: - - openAPIV3Schema + - ref + type: object + metadata: + description: "Metadata is the metadata applied to the ControlPlane and the Machines of the ControlPlane if the ControlPlaneTemplate referenced is machine based. If not, it is applied only to the ControlPlane. At runtime this metadata is merged with the corresponding metadata from the topology. \n This field is supported if and only if the control plane provider template referenced is Machine based." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + namingStrategy: + description: NamingStrategy allows changing the naming pattern used when creating the control plane provider object. + properties: + template: + description: 'Template defines the template to use for generating the name of the ControlPlane object. If not defined, it will fallback to `{{ .cluster.name }}-{{ .random }}`. If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will get concatenated with a random suffix of length 5. The templating mechanism provides the following arguments: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5.' + type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. NOTE: This value can be overridden while defining a Cluster.Topology.' + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` NOTE: This value can be overridden while defining a Cluster.Topology.' + type: string + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. 
The default value is 0, meaning that the volumes can be detached without any time limitations. NOTE: This value can be overridden while defining a Cluster.Topology.' + type: string + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object + x-kubernetes-map-type: atomic required: - - name - - required - - schema + - ref type: object - type: array - workers: - description: Workers describes the worker nodes for the cluster. It - is a collection of node types which can be used to create the worker - nodes of the cluster. - properties: - machineDeployments: - description: MachineDeployments is a list of machine deployment - classes that can be used to create a set of worker nodes. - items: - description: MachineDeploymentClass serves as a template to - define a set of worker nodes of the cluster provisioned using - the `ClusterClass`. + infrastructure: + description: Infrastructure is a reference to a provider-specific template that holds the details for provisioning infrastructure specific cluster for the underlying provider. The underlying provider is responsible for the implementation of the template to an infrastructure cluster. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. properties: - class: - description: Class denotes a type of worker node present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachineDeployment. + apiVersion: + description: API version of the referent. type: string - failureDomain: - description: 'FailureDomain is the failure domain the machines - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. NOTE: This value can - be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - machineHealthCheck: - description: MachineHealthCheck defines a MachineHealthCheck - for this MachineDeploymentClass. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + patches: + description: 'Patches defines the patches which are applied to customize referenced templates of a ClusterClass. Note: Patches will be applied in the order of the array.' + items: + description: ClusterClassPatch defines a patch which is applied to customize the referenced templates. + properties: + definitions: + description: 'Definitions define inline patches. 
Note: Patches will be applied in the order of the array. Note: Exactly one of Definitions or External must be set.' + items: + description: PatchDefinition defines a patch which is applied to customize the referenced templates. properties: - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed - if at most "MaxUnhealthy" machines selected by "selector" - are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will - be remediated. If you wish to disable this feature, - set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to - a remediation template provided by an infrastructure - provider. \n This field is completely optional, when - filled, the MachineHealthCheck controller creates - a new object from the template referenced and hands - off remediation of the machine to a controller that - lives outside of Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: - "spec.containers{name}" (where "name" refers to - the name of the container that triggered the event) - or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax - is chosen only to have some well-defined way of - referencing a part of an object. TODO: this design - is not final and this field is subject to change - in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of - the conditions that determine whether a node is considered - unhealthy. The conditions are combined in a logical - OR, i.e. if any of the conditions is met, the node - is unhealthy. + jsonPatches: + description: 'JSONPatches defines the patches which should be applied on the templates matching the selector. Note: Patches will be applied in the order of the array.' items: - description: UnhealthyCondition represents a Node - condition type and value with a timeout specified - as a duration. When the named condition has been - in the given status for at least the timeout value, - a node is considered unhealthy. + description: JSONPatch defines a JSON patch. properties: - status: - minLength: 1 - type: string - timeout: + op: + description: 'Op defines the operation of the patch. Note: Only `add`, `replace` and `remove` are supported.' type: string - type: - minLength: 1 + path: + description: 'Path defines the path of the patch. Note: Only the spec of a template can be patched, thus the path has to start with /spec/. 
Note: For now the only allowed array modifications are `append` and `prepend`, i.e.: * for op: `add`: only index 0 (prepend) and - (append) are allowed * for op: `replace` or `remove`: no indexes are allowed' type: string + value: + description: 'Value defines the value of the patch. Note: Either Value or ValueFrom is required for add and replace operations. Only one of them is allowed to be set at the same time. Note: We have to use apiextensionsv1.JSON instead of our JSON type, because controller-tools has a hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type (unset type field). Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + valueFrom: + description: 'ValueFrom defines the value of the patch. Note: Either Value or ValueFrom is required for add and replace operations. Only one of them is allowed to be set at the same time.' + properties: + template: + description: 'Template is the Go template to be used to calculate the value. A template can reference variables defined in .spec.variables and builtin variables. Note: The template must evaluate to a valid YAML or JSON value.' + type: string + variable: + description: Variable is the variable to be used as value. Variable can be one of the variables defined in .spec.variables or a builtin variable. + type: string + type: object required: - - status - - timeout - - type + - op + - path type: object type: array - unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" as - not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. 
"[3-5]" - - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) - (b) there are at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object - minReadySeconds: - description: 'Minimum number of seconds for which a newly - created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) NOTE: - This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' - format: int32 - type: integer - namingStrategy: - description: NamingStrategy allows changing the naming pattern - used when creating the MachineDeployment. - properties: - template: - description: 'Template defines the template to use for - generating the name of the MachineDeployment object. - If not defined, it will fallback to `{{ .cluster.name - }}-{{ .machineDeployment.topologyName }}-{{ .random - }}`. If the templated string exceeds 63 characters, - it will be trimmed to 58 characters and will get concatenated - with a random suffix of length 5. The templating mechanism - provides the following arguments: * `.cluster.name`: - The name of the cluster object. * `.random`: A random - alphanumeric string, without vowels, of length 5. - * `.machineDeployment.topologyName`: The name of the - MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name).' - type: string - type: object - nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts - after the Machine is marked for deletion. A duration of - 0 will retry deletion indefinitely. Defaults to 10 seconds. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. 
The - default value is 0, meaning that the node can be drained - without any time limitations. NOTE: NodeDrainTimeout is - different from `kubectl drain --timeout` NOTE: This value - can be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' - type: string - nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, meaning - that the volumes can be detached without any time limitations. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachineDeploymentClass.' - type: string - strategy: - description: 'The deployment strategy to use to replace - existing machines with new ones. NOTE: This value can - be overridden while defining a Cluster.Topology using - this MachineDeploymentClass.' - properties: - rollingUpdate: - description: Rolling update config params. Present only - if MachineDeploymentStrategyType = RollingUpdate. + selector: + description: Selector defines on which templates the patch should be applied. properties: - deletePolicy: - description: DeletePolicy defines the policy used - by the MachineDeployment to identify nodes to - delete when downscaling. Valid values are "Random, - "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest + apiVersion: + description: APIVersion filters templates by apiVersion. type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that - can be scheduled above the desired number of machines. - Value can be an absolute number (ex: 5) or a percentage - of desired machines (ex: 10%). This can not be - 0 if MaxUnavailable is 0. Absolute number is calculated - from percentage by rounding up. Defaults to 1. 
- Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling - update starts, such that the total number of old - and new machines do not exceed 130% of desired - machines. Once old machines have been killed, - new MachineSet can be scaled up further, ensuring - that total number of machines running at any time - during the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that - can be unavailable during the update. Value can - be an absolute number (ex: 5) or a percentage - of desired machines (ex: 10%). Absolute number - is calculated from percentage by rounding down. - This can not be 0 if MaxSurge is 0. Defaults to - 0. Example: when this is set to 30%, the old MachineSet - can be scaled down to 70% of desired machines - immediately when the rolling update starts. Once - new machines are ready, old MachineSet can be - scaled down further, followed by scaling up the - new MachineSet, ensuring that the total number - of machines available at all times during the - update is at least 70% of desired machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Allowed values are - RollingUpdate and OnDelete. The default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete - type: string - type: object - template: - description: Template is a local struct containing a collection - of templates for creation of MachineDeployment objects - representing a set of worker nodes. - properties: - bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of worker Machines. - properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - worker Machines. - properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. 
+ kind: + description: Kind filters templates by kind. + type: string + matchResources: + description: MatchResources selects templates based on where they are referenced. properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string + controlPlane: + description: 'ControlPlane selects templates referenced in .spec.ControlPlane. 
Note: this will match the controlPlane and also the controlPlane machineInfrastructure (depending on the kind and apiVersion).' + type: boolean + infrastructureCluster: + description: InfrastructureCluster selects templates referenced in .spec.infrastructure. + type: boolean + machineDeploymentClass: + description: MachineDeploymentClass selects templates referenced in specific MachineDeploymentClasses in .spec.workers.machineDeployments. + properties: + names: + description: Names selects templates by class names. + items: + type: string + type: array + type: object + machinePoolClass: + description: MachinePoolClass selects templates referenced in specific MachinePoolClasses in .spec.workers.machinePools. + properties: + names: + description: Names selects templates by class names. + items: + type: string + type: array + type: object type: object - x-kubernetes-map-type: atomic required: - - ref - type: object - metadata: - description: Metadata is the metadata applied to the - MachineDeployment and the machines of the MachineDeployment. - At runtime this metadata is merged with the corresponding - metadata from the topology. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' - type: object + - apiVersion + - kind + - matchResources type: object required: - - bootstrap - - infrastructure + - jsonPatches + - selector type: object - required: - - class - - template - type: object - type: array - machinePools: - description: MachinePools is a list of machine pool classes that - can be used to create a set of worker nodes. - items: - description: MachinePoolClass serves as a template to define - a pool of worker nodes of the cluster provisioned using `ClusterClass`. - properties: - class: - description: Class denotes a type of machine pool present - in the cluster, this name MUST be unique within a ClusterClass - and can be referenced in the Cluster to create a managed - MachinePool. - type: string - failureDomains: - description: 'FailureDomains is the list of failure domains - the MachinePool should be attached to. Must match a key - in the FailureDomains map stored on the cluster object. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' - items: + type: array + description: + description: Description is a human-readable description of this patch. + type: string + enabledIf: + description: EnabledIf is a Go template to be used to calculate if a patch should be enabled. It can reference variables defined in .spec.variables and builtin variables. The patch will be enabled if the template evaluates to `true`, otherwise it will be disabled. If EnabledIf is not set, the patch will be enabled per default. + type: string + external: + description: 'External defines an external patch. Note: Exactly one of Definitions or External must be set.' + properties: + discoverVariablesExtension: + description: DiscoverVariablesExtension references an extension which is called to discover variables. type: string - type: array - minReadySeconds: - description: 'Minimum number of seconds for which a newly - created machine pool should be ready. 
Defaults to 0 (machine - will be considered available as soon as it is ready) NOTE: - This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' - format: int32 - type: integer - namingStrategy: - description: NamingStrategy allows changing the naming pattern - used when creating the MachinePool. - properties: - template: - description: 'Template defines the template to use for - generating the name of the MachinePool object. If - not defined, it will fallback to `{{ .cluster.name - }}-{{ .machinePool.topologyName }}-{{ .random }}`. - If the templated string exceeds 63 characters, it - will be trimmed to 58 characters and will get concatenated - with a random suffix of length 5. The templating mechanism - provides the following arguments: * `.cluster.name`: - The name of the cluster object. * `.random`: A random - alphanumeric string, without vowels, of length 5. - * `.machinePool.topologyName`: The name of the MachinePool - topology (Cluster.spec.topology.workers.machinePools[].name).' + generateExtension: + description: GenerateExtension references an extension which is called to generate patches. + type: string + settings: + additionalProperties: type: string - type: object - nodeDeletionTimeout: - description: 'NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts - after the Machine Pool is marked for deletion. A duration - of 0 will retry deletion indefinitely. Defaults to 10 - seconds. NOTE: This value can be overridden while defining - a Cluster.Topology using this MachinePoolClass.' - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The - default value is 0, meaning that the node can be drained - without any time limitations. 
NOTE: NodeDrainTimeout is - different from `kubectl drain --timeout` NOTE: This value - can be overridden while defining a Cluster.Topology using - this MachinePoolClass.' - type: string - nodeVolumeDetachTimeout: - description: 'NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting for - all volumes to be detached. The default value is 0, meaning - that the volumes can be detached without any time limitations. - NOTE: This value can be overridden while defining a Cluster.Topology - using this MachinePoolClass.' - type: string - template: - description: Template is a local struct containing a collection - of templates for creation of MachinePools objects representing - a pool of worker nodes. - properties: - bootstrap: - description: Bootstrap contains the bootstrap template - reference to be used for the creation of the Machines - in the MachinePool. - properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - ref - type: object - infrastructure: - description: Infrastructure contains the infrastructure - template reference to be used for the creation of - the MachinePool. + description: Settings defines key value pairs to be passed to the extensions. Values defined here take precedence over the values defined in the corresponding ExtensionConfig. + type: object + validateExtension: + description: ValidateExtension references an extension which is called to validate the topology. + type: string + type: object + name: + description: Name of the patch. + type: string + required: + - name + type: object + type: array + variables: + description: Variables defines the variables which can be configured in the Cluster topology and are then used in patches. + items: + description: ClusterClassVariable defines a variable which can be configured in the Cluster topology and used in patches. + properties: + name: + description: Name of the variable. + type: string + required: + description: 'Required specifies if the variable is required. 
Note: this applies to the variable as a whole and thus the top-level object defined in the schema. If nested fields are required, this will be specified inside the schema.' + type: boolean + schema: + description: Schema defines the schema of the variable. + properties: + openAPIV3Schema: + description: OpenAPIV3Schema defines the schema of a variable via OpenAPI v3 schema. The schema is a subset of the schema used in Kubernetes CRDs. + properties: + additionalProperties: + description: 'AdditionalProperties specifies the schema of values in a map (keys are always strings). NOTE: Can only be set if type is object. NOTE: AdditionalProperties is mutually exclusive with Properties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + default: + description: 'Default is the default value of the variable. NOTE: Can be set for all types.' + x-kubernetes-preserve-unknown-fields: true + description: + description: Description is a human-readable description of this variable. + type: string + enum: + description: 'Enum is the list of valid values of the variable. NOTE: Can be set for all types.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: Example is an example for this variable. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + description: 'ExclusiveMaximum specifies if the Maximum is exclusive. NOTE: Can only be set if type is integer or number.' + type: boolean + exclusiveMinimum: + description: 'ExclusiveMinimum specifies if the Minimum is exclusive. NOTE: Can only be set if type is integer or number.' + type: boolean + format: + description: 'Format is an OpenAPI v3 format string. Unknown formats are ignored. 
For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go NOTE: Can only be set if type is string.' + type: string + items: + description: 'Items specifies fields of an array. NOTE: Can only be set if type is array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + maxItems: + description: 'MaxItems is the max length of an array variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + maxLength: + description: 'MaxLength is the max length of a string variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + maximum: + description: 'Maximum is the maximum of an integer or number variable. If ExclusiveMaximum is false, the variable is valid if it is lower than, or equal to, the value of Maximum. If ExclusiveMaximum is true, the variable is valid if it is strictly lower than the value of Maximum. NOTE: Can only be set if type is integer or number.' + format: int64 + type: integer + minItems: + description: 'MinItems is the min length of an array variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + minLength: + description: 'MinLength is the min length of a string variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + minimum: + description: 'Minimum is the minimum of an integer or number variable. If ExclusiveMinimum is false, the variable is valid if it is greater than, or equal to, the value of Minimum. If ExclusiveMinimum is true, the variable is valid if it is strictly greater than the value of Minimum. NOTE: Can only be set if type is integer or number.' + format: int64 + type: integer + pattern: + description: 'Pattern is the regex which a string variable must match. 
NOTE: Can only be set if type is string.' + type: string properties: - ref: - description: Ref is a required reference to a custom - resource offered by a provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic + description: 'Properties specifies fields of an object. 
NOTE: Can only be set if type is object. NOTE: Properties is mutually exclusive with AdditionalProperties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true required: - - ref - type: object - metadata: - description: Metadata is the metadata applied to the - MachinePool. At runtime this metadata is merged with - the corresponding metadata from the topology. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - required: - - bootstrap - - infrastructure - type: object - required: - - class - - template - type: object - type: array - type: object - type: object - status: - description: ClusterClassStatus defines the observed state of the ClusterClass. - properties: - conditions: - description: Conditions defines current observed state of the ClusterClass. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - variables: - description: Variables is a list of ClusterClassStatusVariable that - are defined for the ClusterClass. - items: - description: ClusterClassStatusVariable defines a variable which - appears in the status of a ClusterClass. + description: 'Required specifies which fields of an object are required. NOTE: Can only be set if type is object.' + items: + type: string + type: array + type: + description: 'Type is the type of the variable. Valid values are: object, array, string, integer, number or boolean.' + type: string + uniqueItems: + description: 'UniqueItems specifies if items in an array must be unique. NOTE: Can only be set if type is array.' 
+ type: boolean + x-kubernetes-preserve-unknown-fields: + description: XPreserveUnknownFields allows setting fields in a variable object which are not defined in the variable schema. This affects fields recursively, except if nested properties or additionalProperties are specified in the schema. + type: boolean + required: + - type + type: object + required: + - openAPIV3Schema + type: object + required: + - name + - required + - schema + type: object + type: array + workers: + description: Workers describes the worker nodes for the cluster. It is a collection of node types which can be used to create the worker nodes of the cluster. properties: - definitions: - description: Definitions is a list of definitions for a variable. + machineDeployments: + description: MachineDeployments is a list of machine deployment classes that can be used to create a set of worker nodes. items: - description: ClusterClassStatusVariableDefinition defines - a variable which appears in the status of a ClusterClass. + description: MachineDeploymentClass serves as a template to define a set of worker nodes of the cluster provisioned using the `ClusterClass`. properties: - from: - description: From specifies the origin of the variable - definition. This will be `inline` for variables defined - in the ClusterClass or the name of a patch defined in - the ClusterClass for variables discovered from a DiscoverVariables - runtime extensions. + class: + description: Class denotes a type of worker node present in the cluster, this name MUST be unique within a ClusterClass and can be referenced in the Cluster to create a managed MachineDeployment. type: string - required: - description: 'Required specifies if the variable is required. - Note: this applies to the variable as a whole and thus - the top-level object defined in the schema. If nested - fields are required, this will be specified inside the - schema.' - type: boolean - schema: - description: Schema defines the schema of the variable. 
+ failureDomain: + description: 'FailureDomain is the failure domain the machines will be created in. Must match a key in the FailureDomains map stored on the cluster object. NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + type: string + machineHealthCheck: + description: MachineHealthCheck defines a MachineHealthCheck for this MachineDeploymentClass. properties: - openAPIV3Schema: - description: OpenAPIV3Schema defines the schema of - a variable via OpenAPI v3 schema. The schema is - a subset of the schema used in Kubernetes CRDs. + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If you wish to disable this feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." properties: - additionalProperties: - description: 'AdditionalProperties specifies the - schema of values in a map (keys are always strings). - NOTE: Can only be set if type is object. NOTE: - AdditionalProperties is mutually exclusive with - Properties. NOTE: This field uses PreserveUnknownFields - and Schemaless, because recursive validation - is not possible.' - x-kubernetes-preserve-unknown-fields: true - default: - description: 'Default is the default value of - the variable. NOTE: Can be set for all types.' 
- x-kubernetes-preserve-unknown-fields: true - description: - description: Description is a human-readable description - of this variable. + apiVersion: + description: API version of the referent. type: string - enum: - description: 'Enum is the list of valid values - of the variable. NOTE: Can be set for all types.' - items: - x-kubernetes-preserve-unknown-fields: true - type: array - example: - description: Example is an example for this variable. - x-kubernetes-preserve-unknown-fields: true - exclusiveMaximum: - description: 'ExclusiveMaximum specifies if the - Maximum is exclusive. NOTE: Can only be set - if type is integer or number.' - type: boolean - exclusiveMinimum: - description: 'ExclusiveMinimum specifies if the - Minimum is exclusive. NOTE: Can only be set - if type is integer or number.' - type: boolean - format: - description: 'Format is an OpenAPI v3 format string. - Unknown formats are ignored. For a list of supported - formats please see: (of the k8s.io/apiextensions-apiserver - version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go - NOTE: Can only be set if type is string.' + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - items: - description: 'Items specifies fields of an array. - NOTE: Can only be set if type is array. 
NOTE: - This field uses PreserveUnknownFields and Schemaless, - because recursive validation is not possible.' - x-kubernetes-preserve-unknown-fields: true - maxItems: - description: 'MaxItems is the max length of an - array variable. NOTE: Can only be set if type - is array.' - format: int64 - type: integer - maxLength: - description: 'MaxLength is the max length of a - string variable. NOTE: Can only be set if type - is string.' - format: int64 - type: integer - maximum: - description: 'Maximum is the maximum of an integer - or number variable. If ExclusiveMaximum is false, - the variable is valid if it is lower than, or - equal to, the value of Maximum. If ExclusiveMaximum - is true, the variable is valid if it is strictly - lower than the value of Maximum. NOTE: Can only - be set if type is integer or number.' - format: int64 - type: integer - minItems: - description: 'MinItems is the min length of an - array variable. NOTE: Can only be set if type - is array.' - format: int64 - type: integer - minLength: - description: 'MinLength is the min length of a - string variable. NOTE: Can only be set if type - is string.' - format: int64 - type: integer - minimum: - description: 'Minimum is the minimum of an integer - or number variable. If ExclusiveMinimum is false, - the variable is valid if it is greater than, - or equal to, the value of Minimum. If ExclusiveMinimum - is true, the variable is valid if it is strictly - greater than the value of Minimum. NOTE: Can - only be set if type is integer or number.' - format: int64 - type: integer - pattern: - description: 'Pattern is the regex which a string - variable must match. NOTE: Can only be set if - type is string.' + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. properties: - description: 'Properties specifies fields of an - object. NOTE: Can only be set if type is object. - NOTE: Properties is mutually exclusive with - AdditionalProperties. NOTE: This field uses - PreserveUnknownFields and Schemaless, because - recursive validation is not possible.' - x-kubernetes-preserve-unknown-fields: true - required: - description: 'Required specifies which fields - of an object are required. NOTE: Can only be - set if type is object.' - items: + status: + minLength: 1 type: string - type: array - type: - description: 'Type is the type of the variable. - Valid values are: object, array, string, integer, - number or boolean.' 
+ timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + minReadySeconds: + description: 'Minimum number of seconds for which a newly created machine should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + format: int32 + type: integer + namingStrategy: + description: NamingStrategy allows changing the naming pattern used when creating the MachineDeployment. + properties: + template: + description: 'Template defines the template to use for generating the name of the MachineDeployment object. If not defined, it will fallback to `{{ .cluster.name }}-{{ .machineDeployment.topologyName }}-{{ .random }}`. If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will get concatenated with a random suffix of length 5. The templating mechanism provides the following arguments: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. * `.machineDeployment.topologyName`: The name of the MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name).' + type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. 
A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + type: string + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + type: string + strategy: + description: 'The deployment strategy to use to replace existing machines with new ones. NOTE: This value can be overridden while defining a Cluster.Topology using this MachineDeploymentClass.' + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest type: string - uniqueItems: - description: 'UniqueItems specifies if items in - an array must be unique. NOTE: Can only be set - if type is array.' - type: boolean - x-kubernetes-preserve-unknown-fields: - description: XPreserveUnknownFields allows setting - fields in a variable object which are not defined - in the variable schema. 
This affects fields - recursively, except if nested properties or - additionalProperties are specified in the schema. - type: boolean + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values are RollingUpdate and OnDelete. The default is RollingUpdate. 
+ enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template is a local struct containing a collection of templates for creation of MachineDeployment objects representing a set of worker nodes. + properties: + bootstrap: + description: Bootstrap contains the bootstrap template reference to be used for the creation of worker Machines. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure template reference to be used for the creation of worker Machines. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic required: - - type + - ref + type: object + metadata: + description: Metadata is the metadata applied to the MachineDeployment and the machines of the MachineDeployment. At runtime this metadata is merged with the corresponding metadata from the topology. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object type: object required: - - openAPIV3Schema + - bootstrap + - infrastructure type: object required: - - from - - required - - schema + - class + - template type: object type: array - definitionsConflict: - description: DefinitionsConflict specifies whether or not there - are conflicting definitions for a single variable name. - type: boolean - name: - description: Name is the name of the variable. 
- type: string - required: - - definitions - - name - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: clusterresourcesetbindings.addons.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: addons.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: ClusterResourceSetBinding - listKind: ClusterResourceSetBindingList - plural: clusterresourcesetbindings - singular: clusterresourcesetbinding - scope: Namespaced - versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "ClusterResourceSetBinding lists all matching ClusterResourceSets - with the cluster it belongs to. \n Deprecated: This type will be removed - in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetBindingSpec defines the desired state of - ClusterResourceSetBinding. - properties: - bindings: - description: Bindings is a list of ClusterResourceSets and their resources. - items: - description: ResourceSetBinding keeps info on all of the resources - in a ClusterResourceSet. - properties: - clusterResourceSetName: - description: ClusterResourceSetName is the name of the ClusterResourceSet - that is applied to the owner cluster of the binding. - type: string - resources: - description: Resources is a list of resources that the ClusterResourceSet - has. + machinePools: + description: MachinePools is a list of machine pool classes that can be used to create a set of worker nodes. items: - description: ResourceBinding shows the status of a resource - that belongs to a ClusterResourceSet matched by the owner - cluster of the ClusterResourceSetBinding object. + description: MachinePoolClass serves as a template to define a pool of worker nodes of the cluster provisioned using `ClusterClass`. properties: - applied: - description: Applied is to track if a resource is applied - to the cluster or not. - type: boolean - hash: - description: Hash is the hash of a resource's data. This - can be used to decide if a resource is changed. For - "ApplyOnce" ClusterResourceSet.spec.strategy, this is - no-op as that strategy does not act on change. + class: + description: Class denotes a type of machine pool present in the cluster, this name MUST be unique within a ClusterClass and can be referenced in the Cluster to create a managed MachinePool. type: string - kind: - description: 'Kind of the resource. Supported kinds are: - Secrets and ConfigMaps.' 
- enum: - - Secret - - ConfigMap + failureDomains: + description: 'FailureDomains is the list of failure domains the MachinePool should be attached to. Must match a key in the FailureDomains map stored on the cluster object. NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass.' + items: + type: string + type: array + minReadySeconds: + description: 'Minimum number of seconds for which a newly created machine pool should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass.' + format: int32 + type: integer + namingStrategy: + description: NamingStrategy allows changing the naming pattern used when creating the MachinePool. + properties: + template: + description: 'Template defines the template to use for generating the name of the MachinePool object. If not defined, it will fallback to `{{ .cluster.name }}-{{ .machinePool.topologyName }}-{{ .random }}`. If the templated string exceeds 63 characters, it will be trimmed to 58 characters and will get concatenated with a random suffix of length 5. The templating mechanism provides the following arguments: * `.cluster.name`: The name of the cluster object. * `.random`: A random alphanumeric string, without vowels, of length 5. * `.machinePool.topologyName`: The name of the MachinePool topology (Cluster.spec.topology.workers.machinePools[].name).' + type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine Pool is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass.' 
type: string - lastAppliedTime: - description: LastAppliedTime identifies when this resource - was last applied to the cluster. - format: date-time + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout` NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass.' type: string - name: - description: Name of the resource that is in the same - namespace with ClusterResourceSet object. - minLength: 1 + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. NOTE: This value can be overridden while defining a Cluster.Topology using this MachinePoolClass.' type: string + template: + description: Template is a local struct containing a collection of templates for creation of MachinePools objects representing a pool of worker nodes. + properties: + bootstrap: + description: Bootstrap contains the bootstrap template reference to be used for the creation of the Machines in the MachinePool. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure template reference to be used for the creation of the MachinePool. + properties: + ref: + description: Ref is a required reference to a custom resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: Metadata is the metadata applied to the MachinePool. At runtime this metadata is merged with the corresponding metadata from the topology. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + required: + - bootstrap + - infrastructure + type: object required: - - applied - - kind - - name - type: object - type: array - required: - - clusterResourceSetName - type: object - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of ClusterResourceSetBinding - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "ClusterResourceSetBinding lists all matching ClusterResourceSets - with the cluster it belongs to. \n Deprecated: This type will be removed - in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetBindingSpec defines the desired state of - ClusterResourceSetBinding. 
- properties: - bindings: - description: Bindings is a list of ClusterResourceSets and their resources. - items: - description: ResourceSetBinding keeps info on all of the resources - in a ClusterResourceSet. - properties: - clusterResourceSetName: - description: ClusterResourceSetName is the name of the ClusterResourceSet - that is applied to the owner cluster of the binding. - type: string - resources: - description: Resources is a list of resources that the ClusterResourceSet - has. - items: - description: ResourceBinding shows the status of a resource - that belongs to a ClusterResourceSet matched by the owner - cluster of the ClusterResourceSetBinding object. - properties: - applied: - description: Applied is to track if a resource is applied - to the cluster or not. - type: boolean - hash: - description: Hash is the hash of a resource's data. This - can be used to decide if a resource is changed. For - "ApplyOnce" ClusterResourceSet.spec.strategy, this is - no-op as that strategy does not act on change. - type: string - kind: - description: 'Kind of the resource. Supported kinds are: - Secrets and ConfigMaps.' - enum: - - Secret - - ConfigMap - type: string - lastAppliedTime: - description: LastAppliedTime identifies when this resource - was last applied to the cluster. - format: date-time - type: string - name: - description: Name of the resource that is in the same - namespace with ClusterResourceSet object. 
- minLength: 1 - type: string - required: - - applied - - kind - - name - type: object - type: array - required: - - clusterResourceSetName - type: object - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of ClusterResourceSetBinding - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: ClusterResourceSetBinding lists all matching ClusterResourceSets - with the cluster it belongs to. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetBindingSpec defines the desired state of - ClusterResourceSetBinding. - properties: - bindings: - description: Bindings is a list of ClusterResourceSets and their resources. - items: - description: ResourceSetBinding keeps info on all of the resources - in a ClusterResourceSet. - properties: - clusterResourceSetName: - description: ClusterResourceSetName is the name of the ClusterResourceSet - that is applied to the owner cluster of the binding. - type: string - resources: - description: Resources is a list of resources that the ClusterResourceSet - has. 
- items: - description: ResourceBinding shows the status of a resource - that belongs to a ClusterResourceSet matched by the owner - cluster of the ClusterResourceSetBinding object. - properties: - applied: - description: Applied is to track if a resource is applied - to the cluster or not. - type: boolean - hash: - description: Hash is the hash of a resource's data. This - can be used to decide if a resource is changed. For - "ApplyOnce" ClusterResourceSet.spec.strategy, this is - no-op as that strategy does not act on change. - type: string - kind: - description: 'Kind of the resource. Supported kinds are: - Secrets and ConfigMaps.' - enum: - - Secret - - ConfigMap - type: string - lastAppliedTime: - description: LastAppliedTime identifies when this resource - was last applied to the cluster. - format: date-time - type: string - name: - description: Name of the resource that is in the same - namespace with ClusterResourceSet object. - minLength: 1 - type: string - required: - - applied - - kind - - name + - class + - template type: object type: array - required: - - clusterResourceSetName type: object - type: array - clusterName: - description: 'ClusterName is the name of the Cluster this binding - applies to. Note: this field mandatory in v1beta2.' - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: ClusterClassStatus defines the observed state of the ClusterClass. + properties: + conditions: + description: Conditions defines current observed state of the ClusterClass. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + variables: + description: Variables is a list of ClusterClassStatusVariable that are defined for the ClusterClass. + items: + description: ClusterClassStatusVariable defines a variable which appears in the status of a ClusterClass. + properties: + definitions: + description: Definitions is a list of definitions for a variable. + items: + description: ClusterClassStatusVariableDefinition defines a variable which appears in the status of a ClusterClass. + properties: + from: + description: From specifies the origin of the variable definition. This will be `inline` for variables defined in the ClusterClass or the name of a patch defined in the ClusterClass for variables discovered from a DiscoverVariables runtime extensions. 
+ type: string + required: + description: 'Required specifies if the variable is required. Note: this applies to the variable as a whole and thus the top-level object defined in the schema. If nested fields are required, this will be specified inside the schema.' + type: boolean + schema: + description: Schema defines the schema of the variable. + properties: + openAPIV3Schema: + description: OpenAPIV3Schema defines the schema of a variable via OpenAPI v3 schema. The schema is a subset of the schema used in Kubernetes CRDs. + properties: + additionalProperties: + description: 'AdditionalProperties specifies the schema of values in a map (keys are always strings). NOTE: Can only be set if type is object. NOTE: AdditionalProperties is mutually exclusive with Properties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + default: + description: 'Default is the default value of the variable. NOTE: Can be set for all types.' + x-kubernetes-preserve-unknown-fields: true + description: + description: Description is a human-readable description of this variable. + type: string + enum: + description: 'Enum is the list of valid values of the variable. NOTE: Can be set for all types.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: Example is an example for this variable. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + description: 'ExclusiveMaximum specifies if the Maximum is exclusive. NOTE: Can only be set if type is integer or number.' + type: boolean + exclusiveMinimum: + description: 'ExclusiveMinimum specifies if the Minimum is exclusive. NOTE: Can only be set if type is integer or number.' + type: boolean + format: + description: 'Format is an OpenAPI v3 format string. Unknown formats are ignored. 
For a list of supported formats please see: (of the k8s.io/apiextensions-apiserver version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go NOTE: Can only be set if type is string.' + type: string + items: + description: 'Items specifies fields of an array. NOTE: Can only be set if type is array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + maxItems: + description: 'MaxItems is the max length of an array variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + maxLength: + description: 'MaxLength is the max length of a string variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + maximum: + description: 'Maximum is the maximum of an integer or number variable. If ExclusiveMaximum is false, the variable is valid if it is lower than, or equal to, the value of Maximum. If ExclusiveMaximum is true, the variable is valid if it is strictly lower than the value of Maximum. NOTE: Can only be set if type is integer or number.' + format: int64 + type: integer + minItems: + description: 'MinItems is the min length of an array variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + minLength: + description: 'MinLength is the min length of a string variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + minimum: + description: 'Minimum is the minimum of an integer or number variable. If ExclusiveMinimum is false, the variable is valid if it is greater than, or equal to, the value of Minimum. If ExclusiveMinimum is true, the variable is valid if it is strictly greater than the value of Minimum. NOTE: Can only be set if type is integer or number.' + format: int64 + type: integer + pattern: + description: 'Pattern is the regex which a string variable must match. 
NOTE: Can only be set if type is string.' + type: string + properties: + description: 'Properties specifies fields of an object. NOTE: Can only be set if type is object. NOTE: Properties is mutually exclusive with AdditionalProperties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + required: + description: 'Required specifies which fields of an object are required. NOTE: Can only be set if type is object.' + items: + type: string + type: array + type: + description: 'Type is the type of the variable. Valid values are: object, array, string, integer, number or boolean.' + type: string + uniqueItems: + description: 'UniqueItems specifies if items in an array must be unique. NOTE: Can only be set if type is array.' + type: boolean + x-kubernetes-preserve-unknown-fields: + description: XPreserveUnknownFields allows setting fields in a variable object which are not defined in the variable schema. This affects fields recursively, except if nested properties or additionalProperties are specified in the schema. + type: boolean + required: + - type + type: object + required: + - openAPIV3Schema + type: object + required: + - from + - required + - schema + type: object + type: array + definitionsConflict: + description: DefinitionsConflict specifies whether or not there are conflicting definitions for a single variable name. + type: boolean + name: + description: Name is the name of the variable. + type: string + required: + - definitions + - name + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2264,7 +1232,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: clusterresourcesets.addons.cluster.x-k8s.io + name: clusterresourcesetbindings.addons.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -2276,508 +1244,228 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: addons.cluster.x-k8s.io names: categories: - - cluster-api - kind: ClusterResourceSet - listKind: ClusterResourceSetList - plural: clusterresourcesets - singular: clusterresourceset + - cluster-api + kind: ClusterResourceSetBinding + listKind: ClusterResourceSetBindingList + plural: clusterresourcesetbindings + singular: clusterresourcesetbinding scope: Namespaced versions: - - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "ClusterResourceSet is the Schema for the clusterresourcesets - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. - properties: - clusterSelector: - description: Label selector for Clusters. The Clusters that are selected - by this will be the ones affected by this ClusterResourceSet. It - must match the Cluster labels. This field is immutable. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "ClusterResourceSetBinding lists all matching ClusterResourceSets with the cluster it belongs to. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet has. + items: + description: ResourceBinding shows the status of a resource that belongs to a ClusterResourceSet matched by the owner cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied to the cluster or not. + type: boolean + hash: + description: Hash is the hash of a resource's data. This can be used to decide if a resource is changed. For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. 
+ minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName type: object - type: object - x-kubernetes-map-type: atomic - resources: - description: Resources is a list of Secrets/ConfigMaps where each - contains 1 or more resources to be applied to remote clusters. - items: - description: ResourceRef specifies a resource. - properties: - kind: - description: 'Kind of the resource. Supported kinds are: Secrets - and ConfigMaps.' - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the resource that is in the same namespace - with ClusterResourceSet object. - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - strategy: - description: Strategy is the strategy to be used during applying resources. - Defaults to ApplyOnce. This field is immutable. - enum: - - ApplyOnce - type: string - required: - - clusterSelector - type: object - status: - description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. - properties: - conditions: - description: Conditions defines current state of the ClusterResourceSet. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. 
- type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed ClusterResourceSet. - format: int64 - type: integer - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of ClusterResourceSet - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "ClusterResourceSet is the Schema for the clusterresourcesets - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. - properties: - clusterSelector: - description: Label selector for Clusters. The Clusters that are selected - by this will be the ones affected by this ClusterResourceSet. It - must match the Cluster labels. This field is immutable. Label selector - cannot be empty. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. 
+ type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSetBinding + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterResourceSetBinding lists all matching ClusterResourceSets with the cluster it belongs to. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet has. 
+ items: + description: ResourceBinding shows the status of a resource that belongs to a ClusterResourceSet matched by the owner cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied to the cluster or not. + type: boolean + hash: + description: Hash is the hash of a resource's data. This can be used to decide if a resource is changed. For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. + minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName type: object - type: object - x-kubernetes-map-type: atomic - resources: - description: Resources is a list of Secrets/ConfigMaps where each - contains 1 or more resources to be applied to remote clusters. - items: - description: ResourceRef specifies a resource. - properties: - kind: - description: 'Kind of the resource. Supported kinds are: Secrets - and ConfigMaps.' - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the resource that is in the same namespace - with ClusterResourceSet object. - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - strategy: - description: Strategy is the strategy to be used during applying resources. - Defaults to ApplyOnce. This field is immutable. 
- enum: - - ApplyOnce - type: string - required: - - clusterSelector - type: object - status: - description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. - properties: - conditions: - description: Conditions defines current state of the ClusterResourceSet. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed ClusterResourceSet. 
- format: int64 - type: integer - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of ClusterResourceSet - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: ClusterResourceSet is the Schema for the clusterresourcesets - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. - properties: - clusterSelector: - description: Label selector for Clusters. The Clusters that are selected - by this will be the ones affected by this ClusterResourceSet. It - must match the Cluster labels. This field is immutable. Label selector - cannot be empty. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. 
Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSetBinding + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterResourceSetBinding lists all matching ClusterResourceSets with the cluster it belongs to. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet has. + items: + description: ResourceBinding shows the status of a resource that belongs to a ClusterResourceSet matched by the owner cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied to the cluster or not. + type: boolean + hash: + description: Hash is the hash of a resource's data. This can be used to decide if a resource is changed. For "ApplyOnce" ClusterResourceSet.spec.strategy, this is no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. 
+ minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName type: object - type: object - x-kubernetes-map-type: atomic - resources: - description: Resources is a list of Secrets/ConfigMaps where each - contains 1 or more resources to be applied to remote clusters. - items: - description: ResourceRef specifies a resource. - properties: - kind: - description: 'Kind of the resource. Supported kinds are: Secrets - and ConfigMaps.' - enum: - - Secret - - ConfigMap - type: string - name: - description: Name of the resource that is in the same namespace - with ClusterResourceSet object. - minLength: 1 - type: string - required: - - kind - - name - type: object - type: array - strategy: - description: Strategy is the strategy to be used during applying resources. - Defaults to ApplyOnce. This field is immutable. - enum: - - ApplyOnce - - Reconcile - type: string - required: - - clusterSelector - type: object - status: - description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. - properties: - conditions: - description: Conditions defines current state of the ClusterResourceSet. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. 
- type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed ClusterResourceSet. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + clusterName: + description: 'ClusterName is the name of the Cluster this binding applies to. Note: this field mandatory in v1beta2.' + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -2795,7 +1483,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: clusters.cluster.x-k8s.io + name: clusterresourcesets.addons.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -2807,2378 +1495,3079 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io + - v1 + - v1beta1 + group: addons.cluster.x-k8s.io names: categories: - - cluster-api - kind: Cluster - listKind: ClusterList - plural: clusters - shortNames: - - cl - singular: cluster + - cluster-api + kind: ClusterResourceSet + listKind: ClusterResourceSetList + plural: clusterresourcesets + singular: clusterresourceset scope: Namespaced versions: - - additionalPrinterColumns: - - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed - jsonPath: .status.phase - name: Phase - type: string - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: Cluster is the Schema for the clusters API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterSpec defines the desired state of Cluster. - properties: - clusterNetwork: - description: Cluster network configuration. - properties: - apiServerPort: - description: APIServerPort specifies the port the API Server should - bind to. Defaults to 6443. - format: int32 - type: integer - pods: - description: The network ranges from which Pod networks are allocated. 
+ - deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "ClusterResourceSet is the Schema for the clusterresourcesets API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected by this will be the ones affected by this ClusterResourceSet. It must match the Cluster labels. This field is immutable. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. properties: - cidrBlocks: - items: - type: string - type: array + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. + minLength: 1 + type: string required: - - cidrBlocks + - kind + - name type: object - serviceDomain: - description: Domain name for services. - type: string - services: - description: The network ranges from which service VIPs are allocated. + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - cidrBlocks: - items: - type: string - type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string required: - - cidrBlocks + - status + - type type: object - type: object - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - controlPlaneRef: - description: ControlPlaneRef is an optional reference to a provider-specific - resource that holds the details for provisioning the Control Plane - for a Cluster. 
- properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - infrastructureRef: - description: InfrastructureRef is a reference to a provider-specific - resource that holds the details for provisioning infrastructure - for a cluster in said provider. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - paused: - description: Paused can be used to prevent controllers from processing - the Cluster and all its associated objects. - type: boolean - type: object - status: - description: ClusterStatus defines the observed state of Cluster. - properties: - conditions: - description: Conditions defines current service state of the cluster. 
- items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - controlPlaneInitialized: - description: ControlPlaneInitialized defines if the control plane - has been initialized. - type: boolean - controlPlaneReady: - description: ControlPlaneReady defines if the control plane is ready. - type: boolean - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. 
+ type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterResourceSet is the Schema for the clusterresourcesets API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected by this will be the ones affected by this ClusterResourceSet. It must match the Cluster labels. This field is immutable. Label selector cannot be empty. properties: - attributes: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: additionalProperties: type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean type: object - description: FailureDomains is a slice of failure domain objects synced - from the infrastructure provider. - type: object - failureMessage: - description: FailureMessage indicates that there is a fatal problem - reconciling the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a fatal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. 
- type: boolean - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of Cluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed - jsonPath: .status.phase - name: Phase - type: string - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "Cluster is the Schema for the clusters API. \n Deprecated: This - type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterSpec defines the desired state of Cluster. - properties: - clusterNetwork: - description: Cluster network configuration. - properties: - apiServerPort: - description: APIServerPort specifies the port the API Server should - bind to. Defaults to 6443. 
- format: int32 - type: integer - pods: - description: The network ranges from which Pod networks are allocated. + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. properties: - cidrBlocks: - items: - type: string - type: array + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. + minLength: 1 + type: string required: - - cidrBlocks + - kind + - name type: object - serviceDomain: - description: Domain name for services. - type: string - services: - description: The network ranges from which service VIPs are allocated. + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - cidrBlocks: - items: - type: string - type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. 
The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string required: - - cidrBlocks + - status + - type type: object - type: object - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - controlPlaneRef: - description: ControlPlaneRef is an optional reference to a provider-specific - resource that holds the details for provisioning the Control Plane - for a Cluster. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - infrastructureRef: - description: InfrastructureRef is a reference to a provider-specific - resource that holds the details for provisioning infrastructure - for a cluster in said provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - paused: - description: Paused can be used to prevent controllers from processing - the Cluster and all its associated objects. - type: boolean - topology: - description: 'This encapsulates the topology for the cluster. NOTE: - It is required to enable the ClusterTopology feature gate flag to - activate managed topologies support; this feature is highly experimental, - and parts of it might still be not implemented.' - properties: - class: - description: The name of the ClusterClass object to create the - topology. 
- type: string - controlPlane: - description: ControlPlane describes the cluster control plane. - properties: - metadata: - description: "Metadata is the metadata applied to the machines - of the ControlPlane. At runtime this metadata is merged - with the corresponding metadata from the ClusterClass. \n - This field is supported if and only if the control plane - provider template referenced in the ClusterClass is Machine - based." + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterResourceSet is the Schema for the clusterresourcesets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected by this will be the ones affected by this ClusterResourceSet. It must match the Cluster labels. 
This field is immutable. Label selector cannot be empty. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + type: array + required: + - key + - operator type: object - replicas: - description: Replicas is the number of control plane nodes. - If the value is nil, the ControlPlane object is created - without the number of Replicas and it's assumed that the - control plane controller does not implement support for - this field. When specified against a control plane provider - that lacks support for this field, this value will be ignored. 
- format: int32 - type: integer + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. + properties: + kind: + description: 'Kind of the resource. Supported kinds are: Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace with ClusterResourceSet object. + minLength: 1 + type: string + required: + - kind + - name type: object - rolloutAfter: - description: RolloutAfter performs a rollout of the entire cluster - one component at a time, control plane first and then machine - deployments. - format: date-time - type: string - version: - description: The Kubernetes version of the cluster. - type: string - workers: - description: Workers encapsulates the different constructs that - form the worker nodes for the cluster. + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + - Reconcile + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - machineDeployments: - description: MachineDeployments is a list of machine deployments - in the cluster. - items: - description: MachineDeploymentTopology specifies the different - parameters for a set of worker nodes in the topology. - This set of nodes is managed by a MachineDeployment object - whose lifecycle is managed by the Cluster controller. - properties: - class: - description: Class is the name of the MachineDeploymentClass - used to create the set of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. - type: string - metadata: - description: Metadata is the metadata applied to the - machines of the MachineDeployment. At runtime this - metadata is merged with the corresponding metadata - from the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - name: - description: Name is the unique identifier for this - MachineDeploymentTopology. The value is used with - other unique identifiers to create a MachineDeployment's - Name (e.g. cluster's name, etc). In case the name - is greater than the allowed maximum length, the values - are hashed together. - type: string - replicas: - description: Replicas is the number of worker nodes - belonging to this set. 
If the value is nil, the MachineDeployment - is created without the number of Replicas (defaulting - to zero) and it's assumed that an external entity - (like cluster autoscaler) is responsible for the management - of this value. - format: int32 - type: integer - required: - - class - - name - type: object - type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type type: object - required: - - class - - version - type: object - type: object - status: - description: ClusterStatus defines the observed state of Cluster. - properties: - conditions: - description: Conditions defines current service state of the cluster. 
- items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: clusters.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: Cluster + listKind: ClusterList + plural: clusters + shortNames: + - cl + singular: cluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: Cluster is the Schema for the clusters API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + apiServerPort: + description: APIServerPort specifies the port the API Server should bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + services: + description: The network ranges from which service VIPs are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + port: + description: The port on which the API server is serving. 
+ format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific resource that holds the details for provisioning the Control Plane for a Cluster. + properties: + apiVersion: + description: API version of the referent. type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - status: - description: Status of the condition, one of True, False, Unknown. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - status - - type type: object - type: array - controlPlaneReady: - description: ControlPlaneReady defines if the control plane is ready. - type: boolean - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. + x-kubernetes-map-type: atomic + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific resource that holds the details for provisioning infrastructure for a cluster in said provider. properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. - type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string type: object - description: FailureDomains is a slice of failure domain objects synced - from the infrastructure provider. - type: object - failureMessage: - description: FailureMessage indicates that there is a fatal problem - reconciling the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a fatal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. 
- type: boolean - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: ClusterClass of this Cluster, empty if the Cluster is not using - a ClusterClass - jsonPath: .spec.topology.class - name: ClusterClass - type: string - - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed - jsonPath: .status.phase - name: Phase - type: string - - description: Time duration since creation of Cluster - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this Cluster - jsonPath: .spec.topology.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Cluster is the Schema for the clusters API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterSpec defines the desired state of Cluster. - properties: - clusterNetwork: - description: Cluster network configuration. 
- properties: - apiServerPort: - description: APIServerPort specifies the port the API Server should - bind to. Defaults to 6443. - format: int32 - type: integer - pods: - description: The network ranges from which Pod networks are allocated. + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing the Cluster and all its associated objects. + type: boolean + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - cidrBlocks: - items: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - status + - type + type: object + type: array + controlPlaneInitialized: + description: ControlPlaneInitialized defines if the control plane has been initialized. + type: boolean + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a fatal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. 
+ type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of Cluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "Cluster is the Schema for the clusters API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. + properties: + apiServerPort: + description: APIServerPort specifies the port the API Server should bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. + type: string + services: + description: The network ranges from which service VIPs are allocated. 
+ properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific resource that holds the details for provisioning the Control Plane for a Cluster. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific resource that holds the details for provisioning infrastructure for a cluster in said provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing the Cluster and all its associated objects. + type: boolean + topology: + description: 'This encapsulates the topology for the cluster. NOTE: It is required to enable the ClusterTopology feature gate flag to activate managed topologies support; this feature is highly experimental, and parts of it might still be not implemented.' + properties: + class: + description: The name of the ClusterClass object to create the topology. + type: string + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: + metadata: + description: "Metadata is the metadata applied to the machines of the ControlPlane. At runtime this metadata is merged with the corresponding metadata from the ClusterClass. \n This field is supported if and only if the control plane provider template referenced in the ClusterClass is Machine based." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + replicas: + description: Replicas is the number of control plane nodes. If the value is nil, the ControlPlane object is created without the number of Replicas and it's assumed that the control plane controller does not implement support for this field. When specified against a control plane provider that lacks support for this field, this value will be ignored. + format: int32 + type: integer + type: object + rolloutAfter: + description: RolloutAfter performs a rollout of the entire cluster one component at a time, control plane first and then machine deployments. + format: date-time + type: string + version: + description: The Kubernetes version of the cluster. + type: string + workers: + description: Workers encapsulates the different constructs that form the worker nodes for the cluster. + properties: + machineDeployments: + description: MachineDeployments is a list of machine deployments in the cluster. + items: + description: MachineDeploymentTopology specifies the different parameters for a set of worker nodes in the topology. This set of nodes is managed by a MachineDeployment object whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachineDeploymentClass used to create the set of worker nodes. This should match one of the deployment classes defined in the ClusterClass object mentioned in the `Cluster.Spec.Class` field. + type: string + metadata: + description: Metadata is the metadata applied to the machines of the MachineDeployment. 
At runtime this metadata is merged with the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + name: + description: Name is the unique identifier for this MachineDeploymentTopology. The value is used with other unique identifiers to create a MachineDeployment's Name (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, the values are hashed together. + type: string + replicas: + description: Replicas is the number of worker nodes belonging to this set. If the value is nil, the MachineDeployment is created without the number of Replicas (defaulting to zero) and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. + format: int32 + type: integer + required: + - class + - name + type: object + type: array + type: object + required: + - class + - version + type: object + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. 
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. 
+ type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a fatal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: ClusterClass of this Cluster, empty if the Cluster is not using a ClusterClass + jsonPath: .spec.topology.class + name: ClusterClass + type: string + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of Cluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this Cluster + jsonPath: .spec.topology.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Cluster is the Schema for the clusters API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. + properties: + apiServerPort: + description: APIServerPort specifies the port the API Server should bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. + type: string + services: + description: The network ranges from which service VIPs are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific resource that holds the details for provisioning the Control Plane for a Cluster. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific resource that holds the details for provisioning infrastructure for a cluster in said provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing the Cluster and all its associated objects. + type: boolean + topology: + description: 'This encapsulates the topology for the cluster. 
NOTE: It is required to enable the ClusterTopology feature gate flag to activate managed topologies support; this feature is highly experimental, and parts of it might still be not implemented.' + properties: + class: + description: The name of the ClusterClass object to create the topology. + type: string + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable and override the MachineHealthCheck configuration in the ClusterClass for this control plane. + properties: + enable: + description: "Enable controls if a MachineHealthCheck should be created for the target machines. \n If false: No MachineHealthCheck will be created. \n If not set(default): A MachineHealthCheck will be created if it is defined here or in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created. \n If true: A MachineHealthCheck is guaranteed to be created. Cluster validation will block if `enable` is true and no MachineHealthCheck definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If you wish to disable this feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." 
+ properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. 
+ items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the ControlPlane and the Machines of the ControlPlane if the ControlPlaneTemplate referenced by the ClusterClass is machine based. If not, it is applied only to the ControlPlane. At runtime this metadata is merged with the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + replicas: + description: Replicas is the number of control plane nodes. If the value is nil, the ControlPlane object is created without the number of Replicas and it's assumed that the control plane controller does not implement support for this field. When specified against a control plane provider that lacks support for this field, this value will be ignored. + format: int32 + type: integer + type: object + rolloutAfter: + description: "RolloutAfter performs a rollout of the entire cluster one component at a time, control plane first and then machine deployments. \n Deprecated: This field has no function and is going to be removed in the next apiVersion." + format: date-time + type: string + variables: + description: Variables can be used to customize the Cluster through patches. They must comply to the corresponding VariableClasses defined in the ClusterClass. + items: + description: ClusterVariable can be used to customize the Cluster through patches. 
Each ClusterVariable is associated with a Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass `.spec.patches` where the patch is external and provides external variables. This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: the value will be validated against the schema of the corresponding ClusterClassVariable from the ClusterClass. Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + version: + description: The Kubernetes version of the cluster. + type: string + workers: + description: Workers encapsulates the different constructs that form the worker nodes for the cluster. + properties: + machineDeployments: + description: MachineDeployments is a list of machine deployments in the cluster. + items: + description: MachineDeploymentTopology specifies the different parameters for a set of worker nodes in the topology. This set of nodes is managed by a MachineDeployment object whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachineDeploymentClass used to create the set of worker nodes. 
This should match one of the deployment classes defined in the ClusterClass object mentioned in the `Cluster.Spec.Class` field. + type: string + failureDomain: + description: FailureDomain is the failure domain the machines will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable and override the MachineHealthCheck configuration in the ClusterClass for this MachineDeployment. + properties: + enable: + description: "Enable controls if a MachineHealthCheck should be created for the target machines. \n If false: No MachineHealthCheck will be created. \n If not set(default): A MachineHealthCheck will be created if it is defined here or in the associated ClusterClass. If no MachineHealthCheck is defined then none will be created. \n If true: A MachineHealthCheck is guaranteed to be created. Cluster validation will block if `enable` is true and no MachineHealthCheck definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If you wish to disable this feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. 
+ items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the MachineDeployment and the machines of the MachineDeployment. At runtime this metadata is merged with the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly created machine should be ready. 
Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this MachineDeploymentTopology. The value is used with other unique identifiers to create a MachineDeployment's Name (e.g. cluster's name, etc). In case the name is greater than the allowed maximum length, the values are hashed together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + replicas: + description: Replicas is the number of worker nodes belonging to this set. If the value is nil, the MachineDeployment is created without the number of Replicas (defaulting to 1) and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. + format: int32 + type: integer + strategy: + description: The deployment strategy to use to replace existing machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. 
+ properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. 
Allowed values are RollingUpdate and OnDelete. The default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + variables: + description: Variables can be used to customize the MachineDeployment through patches. + properties: + overrides: + description: Overrides can be used to override Cluster level variables. + items: + description: ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where the definition of this Variable is from. DefinitionFrom is `inline` when the definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass `.spec.patches` where the patch is external and provides external variables. This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: the value will be validated against the schema of the corresponding ClusterClassVariable from the ClusterClass. Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + machinePools: + description: MachinePools is a list of machine pools in the cluster. 
+ items: + description: MachinePoolTopology specifies the different parameters for a pool of worker nodes in the topology. This pool of nodes is managed by a MachinePool object whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachinePoolClass used to create the pool of worker nodes. This should match one of the deployment classes defined in the ClusterClass object mentioned in the `Cluster.Spec.Class` field. + type: string + failureDomains: + description: FailureDomains is the list of failure domains the machine pool will be created in. Must match a key in the FailureDomains map stored on the cluster object. + items: + type: string + type: array + metadata: + description: Metadata is the metadata applied to the MachinePool. At runtime this metadata is merged with the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly created machine pool should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this MachinePoolTopology. The value is used with other unique identifiers to create a MachinePool's Name (e.g. cluster's name, etc). 
In case the name is greater than the allowed maximum length, the values are hashed together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the MachinePool hosts after the MachinePool is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + replicas: + description: Replicas is the number of nodes belonging to this pool. If the value is nil, the MachinePool is created without the number of Replicas (defaulting to 1) and it's assumed that an external entity (like cluster autoscaler) is responsible for the management of this value. + format: int32 + type: integer + variables: + description: Variables can be used to customize the MachinePool through patches. + properties: + overrides: + description: Overrides can be used to override Cluster level variables. + items: + description: ClusterVariable can be used to customize the Cluster through patches. Each ClusterVariable is associated with a Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where the definition of this Variable is from. 
DefinitionFrom is `inline` when the definition is from the ClusterClass `.spec.variables` or the name of a patch defined in the ClusterClass `.spec.patches` where the patch is external and provides external variables. This field is mandatory if the variable has `DefinitionsConflict: true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: the value will be validated against the schema of the corresponding ClusterClassVariable from the ClusterClass. Note: We have to use apiextensionsv1.JSON instead of a custom JSON type, because controller-tools has a hard-coded schema for apiextensionsv1.JSON which cannot be produced by another type via controller-tools, i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + type: object + required: + - class + - version + type: object + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. 
+ type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure domains. It allows controllers to understand how many failure domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem reconciling the state, and will be set to a descriptive error message. 
+ type: string + failureReason: + description: FailureReason indicates that there is a fatal problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: extensionconfigs.runtime.cluster.x-k8s.io +spec: + group: runtime.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ExtensionConfig + listKind: ExtensionConfigList + plural: extensionconfigs + shortNames: + - ext + singular: extensionconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ExtensionConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ExtensionConfig is the Schema for the ExtensionConfig API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ExtensionConfigSpec is the desired state of the ExtensionConfig + properties: + clientConfig: + description: ClientConfig defines how to communicate with the Extension server. + properties: + caBundle: + description: CABundle is a PEM encoded CA bundle which will be used to validate the Extension server's server certificate. + format: byte + type: string + service: + description: "Service is a reference to the Kubernetes service for the Extension server. Note: Exactly one of `url` or `service` must be specified. \n If the Extension server is running within a cluster, then you should use `service`." + properties: + name: + description: Name is the name of the service. type: string - type: array + namespace: + description: Namespace is the namespace of the service. + type: string + path: + description: Path is an optional URL path and if present may be any string permissible in a URL. If a path is set it will be used as prefix to the hook-specific path. + type: string + port: + description: Port is the port on the service that's hosting the Extension server. Defaults to 443. Port should be a valid port number (1-65535, inclusive). + format: int32 + type: integer + required: + - name + - namespace + type: object + url: + description: "URL gives the location of the Extension server, in standard URL form (`scheme://host:port/path`). Note: Exactly one of `url` or `service` must be specified. \n The scheme must be \"https\". 
\n The `host` should not refer to a service running in the cluster; use the `service` field instead. \n A path is optional, and if present may be any string permissible in a URL. If a path is set it will be used as prefix to the hook-specific path. \n Attempting to use a user or basic auth e.g. \"user:password@\" is not allowed. Fragments (\"#...\") and query parameters (\"?...\") are not allowed either." + type: string + type: object + namespaceSelector: + description: NamespaceSelector decides whether to call the hook for an object based on whether the namespace for that object matches the selector. Defaults to the empty LabelSelector, which matches all objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
+ type: object + type: object + x-kubernetes-map-type: atomic + settings: + additionalProperties: + type: string + description: 'Settings defines key value pairs to be passed to all calls to all supported RuntimeExtensions. Note: Settings can be overridden on the ClusterClass.' + type: object + required: + - clientConfig + type: object + status: + description: ExtensionConfigStatus is the current state of the ExtensionConfig + properties: + conditions: + description: Conditions define the current service state of the ExtensionConfig. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string required: - - cidrBlocks + - lastTransitionTime + - status + - type type: object - serviceDomain: - description: Domain name for services. - type: string - services: - description: The network ranges from which service VIPs are allocated. + type: array + handlers: + description: Handlers defines the current ExtensionHandlers supported by an Extension. + items: + description: ExtensionHandler specifies the details of a handler for a particular runtime hook registered by an Extension server. properties: - cidrBlocks: - items: - type: string - type: array + failurePolicy: + description: FailurePolicy defines how failures in calls to the ExtensionHandler should be handled by a client. Defaults to Fail if not set. + type: string + name: + description: Name is the unique name of the ExtensionHandler. + type: string + requestHook: + description: RequestHook defines the versioned runtime hook which this ExtensionHandler serves. + properties: + apiVersion: + description: APIVersion is the group and version of the Hook. + type: string + hook: + description: Hook is the name of the hook. + type: string + required: + - apiVersion + - hook + type: object + timeoutSeconds: + description: TimeoutSeconds defines the timeout duration for client calls to the ExtensionHandler. Defaults to 10 is not set. + format: int32 + type: integer required: - - cidrBlocks + - name + - requestHook type: object - type: object - controlPlaneEndpoint: - description: ControlPlaneEndpoint represents the endpoint used to - communicate with the control plane. - properties: - host: - description: The hostname on which the API server is serving. - type: string - port: - description: The port on which the API server is serving. - format: int32 - type: integer - required: - - host - - port - type: object - controlPlaneRef: - description: ControlPlaneRef is an optional reference to a provider-specific - resource that holds the details for provisioning the Control Plane - for a Cluster. 
- properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - infrastructureRef: - description: InfrastructureRef is a reference to a provider-specific - resource that holds the details for provisioning infrastructure - for a cluster in said provider. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - paused: - description: Paused can be used to prevent controllers from processing - the Cluster and all its associated objects. - type: boolean - topology: - description: 'This encapsulates the topology for the cluster. 
NOTE: - It is required to enable the ClusterTopology feature gate flag to - activate managed topologies support; this feature is highly experimental, - and parts of it might still be not implemented.' - properties: - class: - description: The name of the ClusterClass object to create the - topology. - type: string - controlPlane: - description: ControlPlane describes the cluster control plane. + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddressclaims.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddressClaim + listKind: IPAddressClaimList + plural: ipaddressclaims + singular: ipaddressclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. 
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration in the - ClusterClass for this control plane. + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddresses.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddress + listKind: IPAddressList + plural: ipaddresses + singular: ipaddress + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. 
+ type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. + type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinedeployments.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineDeployment + listKind: MachineDeploymentList + plural: machinedeployments + shortNames: + - md + singular: machinedeployment + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: MachineDeployment status such as 
ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachineDeployment is the Schema for the machinedeployments API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. 
+ minLength: 1 + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created machine should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + description: Number of desired machines. Defaults to 1. This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + format: int32 + type: integer + selector: + description: Label selector for machines. Existing MachineSets whose machines are selected by this will be the ones affected by this deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n If false: - No MachineHealthCheck will be created. \n If not set(default): - A MachineHealthCheck will be created if it is defined - here or in the associated ClusterClass. 
If no MachineHealthCheck - is defined then none will be created. \n If true: A - MachineHealthCheck is guaranteed to be created. Cluster - validation will block if `enable` is true and no MachineHealthCheck - definition is available." - type: boolean - maxUnhealthy: - anyOf: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. 
Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: - type: integer - type: string - description: Any further remediation is only allowed if - at most "MaxUnhealthy" machines selected by "selector" - are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will be - remediated. If you wish to disable this feature, set - the value explicitly to 0. + description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + labels: + additionalProperties: type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a - remediation template provided by an infrastructure provider. - \n This field is completely optional, when filled, the - MachineHealthCheck controller creates a new object from - the template referenced and hands off remediation of - the machine to a controller that lives outside of Cluster - API." 
+ description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. \n Deprecated: This field has no function and is going to be removed in a next release." + items: + description: OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field. properties: apiVersion: description: API version of the referent. 
type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' type: string + required: + - apiVersion + - kind + - name + - uid type: object x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the - conditions that determine whether a node is considered - unhealthy. The conditions are combined in a logical - OR, i.e. if any of the conditions is met, the node is - unhealthy. - items: - description: UnhealthyCondition represents a Node condition - type and value with a timeout specified as a duration. When - the named condition has been in the given status for - at least the timeout value, a node is considered unhealthy. + type: array + type: object + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.Data without the need of a controller. properties: - status: - minLength: 1 + apiVersion: + description: API version of the referent. 
type: string - timeout: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - type: - minLength: 1 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - status - - timeout - - type type: object - type: array - unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" as - not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. 
"[3-5]" - This - means that remediation will be allowed only when: (a) - there are at least 3 unhealthy machines (and) (b) there - are at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object - metadata: - description: Metadata is the metadata applied to the ControlPlane - and the Machines of the ControlPlane if the ControlPlaneTemplate - referenced by the ClusterClass is machine based. If not, - it is applied only to the ControlPlane. At runtime this - metadata is merged with the corresponding metadata from - the ClusterClass. - properties: - annotations: - additionalProperties: + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as cloud-init details scripts. If nil, the Machine should remain in the Pending state. \n Deprecated: Switch to DataSecretName." type: string - description: 'Annotations is an unstructured key value - map stored with a resource that may be set by external - tools to store and retrieve arbitrary metadata. They - are not queryable and should be preserved when modifying - objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. type: string - description: 'Map of string keys and values that can be - used to organize and categorize (scope and select) objects. - May match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. 
- type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. - type: string - replicas: - description: Replicas is the number of control plane nodes. - If the value is nil, the ControlPlane object is created - without the number of Replicas and it's assumed that the - control plane controller does not implement support for - this field. When specified against a control plane provider - that lacks support for this field, this value will be ignored. - format: int32 - type: integer - type: object - rolloutAfter: - description: "RolloutAfter performs a rollout of the entire cluster - one component at a time, control plane first and then machine - deployments. \n Deprecated: This field has no function and is - going to be removed in the next apiVersion." - format: date-time - type: string - variables: - description: Variables can be used to customize the Cluster through - patches. They must comply to the corresponding VariableClasses - defined in the ClusterClass. - items: - description: ClusterVariable can be used to customize the Cluster - through patches. Each ClusterVariable is associated with a - Variable definition in the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where the definition - of this Variable is from. 
DefinitionFrom is `inline` when - the definition is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass `.spec.patches` - where the patch is external and provides external variables. - This field is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - name: - description: Name of the variable. + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. type: string - value: - description: 'Value of the variable. Note: the value will - be validated against the schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to use apiextensionsv1.JSON - instead of a custom JSON type, because controller-tools - has a hard-coded schema for apiextensionsv1.JSON which - cannot be produced by another type via controller-tools, - i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array - version: - description: The Kubernetes version of the cluster. - type: string - workers: - description: Workers encapsulates the different constructs that - form the worker nodes for the cluster. - properties: - machineDeployments: - description: MachineDeployments is a list of machine deployments - in the cluster. - items: - description: MachineDeploymentTopology specifies the different - parameters for a set of worker nodes in the topology. - This set of nodes is managed by a MachineDeployment object - whose lifecycle is managed by the Cluster controller. 
+ infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: - class: - description: Class is the name of the MachineDeploymentClass - used to create the set of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. + apiVersion: + description: API version of the referent. type: string - failureDomain: - description: FailureDomain is the failure domain the - machines will be created in. Must match a key in the - FailureDomains map stored on the cluster object. + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - machineHealthCheck: - description: MachineHealthCheck allows to enable, disable - and override the MachineHealthCheck configuration - in the ClusterClass for this MachineDeployment. - properties: - enable: - description: "Enable controls if a MachineHealthCheck - should be created for the target machines. \n - If false: No MachineHealthCheck will be created. - \n If not set(default): A MachineHealthCheck will - be created if it is defined here or in the associated - ClusterClass. 
If no MachineHealthCheck is defined - then none will be created. \n If true: A MachineHealthCheck - is guaranteed to be created. Cluster validation - will block if `enable` is true and no MachineHealthCheck - definition is available." - type: boolean - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed - if at most "MaxUnhealthy" machines selected by - "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without - a node will be considered to have failed and will - be remediated. If you wish to disable this feature, - set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference - to a remediation template provided by an infrastructure - provider. \n This field is completely optional, - when filled, the MachineHealthCheck controller - creates a new object from the template referenced - and hands off remediation of the machine to a - controller that lives outside of Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an - object instead of an entire object, this string - should contain a valid JSON/Go field access - statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to - a container within a pod, this would take - on a value like: "spec.containers{name}" (where - "name" refers to the name of the container - that triggered the event) or if no container - name is specified "spec.containers[2]" (container - with index 2 in this pod). This syntax is - chosen only to have some well-defined way - of referencing a part of an object. TODO: - this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which - this reference is made, if any. More info: - https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list - of the conditions that determine whether a node - is considered unhealthy. The conditions are combined - in a logical OR, i.e. if any of the conditions - is met, the node is unhealthy. - items: - description: UnhealthyCondition represents a Node - condition type and value with a timeout specified - as a duration. When the named condition has - been in the given status for at least the timeout - value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - type: array - unhealthyRange: - description: 'Any further remediation is only allowed - if the number of machines selected by "selector" - as not healthy is within the range of "UnhealthyRange". - Takes precedence over MaxUnhealthy. Eg. 
"[3-5]" - - This means that remediation will be allowed - only when: (a) there are at least 3 unhealthy - machines (and) (b) there are at most 5 unhealthy - machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - type: object - metadata: - description: Metadata is the metadata applied to the - MachineDeployment and the machines of the MachineDeployment. - At runtime this metadata is merged with the corresponding - metadata from the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - minReadySeconds: - description: Minimum number of seconds for which a newly - created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) - format: int32 - type: integer name: - description: Name is the unique identifier for this - MachineDeploymentTopology. The value is used with - other unique identifiers to create a MachineDeployment's - Name (e.g. cluster's name, etc). In case the name - is greater than the allowed maximum length, the values - are hashed together. + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - Machine hosts after the Machine is marked for deletion. - A duration of 0 will retry deletion indefinitely. - Defaults to 10 seconds. + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. The default value - is 0, meaning that the volumes can be detached without - any time limitations. + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. 
This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least minReadySeconds) targeted by this deployment. + format: int32 + type: integer + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this deployment (their labels match the selector). 
+ format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this deployment. This is the total number of machines that are still required for the deployment to have 100% available capacity. They may either be machines that are running but not yet available or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this deployment that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total 
number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineDeployment is the Schema for the machinedeployments API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created machine should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. 
Defaults to 600s. + format: int32 + type: integer + replicas: + default: 1 + description: Number of desired machines. Defaults to 1. This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + format: int32 + type: integer + selector: + description: Label selector for machines. Existing MachineSets whose machines are selected by this will be the ones affected by this deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: type: string - replicas: - description: Replicas is the number of worker nodes - belonging to this set. If the value is nil, the MachineDeployment - is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management - of this value. - format: int32 - type: integer - strategy: - description: The deployment strategy to use to replace - existing machines with new ones. 
+ type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable during the update. 
Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. properties: - rollingUpdate: - description: Rolling update config params. Present - only if MachineDeploymentStrategyType = RollingUpdate. - properties: - deletePolicy: - description: DeletePolicy defines the policy - used by the MachineDeployment to identify - nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value - is supplied, the default DeletePolicy of MachineSet - is used - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines - that can be scheduled above the desired number - of machines. Value can be an absolute number - (ex: 5) or a percentage of desired machines - (ex: 10%). This can not be 0 if MaxUnavailable - is 0. Absolute number is calculated from percentage - by rounding up. Defaults to 1. Example: when - this is set to 30%, the new MachineSet can - be scaled up immediately when the rolling - update starts, such that the total number - of old and new machines do not exceed 130% - of desired machines. Once old machines have - been killed, new MachineSet can be scaled - up further, ensuring that total number of - machines running at any time during the update - is at most 130% of desired machines.' 
- x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines - that can be unavailable during the update. - Value can be an absolute number (ex: 5) or - a percentage of desired machines (ex: 10%). - Absolute number is calculated from percentage - by rounding down. This can not be 0 if MaxSurge - is 0. Defaults to 0. Example: when this is - set to 30%, the old MachineSet can be scaled - down to 70% of desired machines immediately - when the rolling update starts. Once new machines - are ready, old MachineSet can be scaled down - further, followed by scaling up the new MachineSet, - ensuring that the total number of machines - available at all times during the update is - at least 70% of desired machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Allowed values - are RollingUpdate and OnDelete. The default is - RollingUpdate. - enum: - - RollingUpdate - - OnDelete + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object - variables: - description: Variables can be used to customize the - MachineDeployment through patches. - properties: - overrides: - description: Overrides can be used to override Cluster - level variables. - items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. - DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' - type: string - name: - description: Name of the variable. - type: string - value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. 
Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array - type: object - required: - - class - - name + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string type: object - type: array - machinePools: - description: MachinePools is a list of machine pools in the - cluster. - items: - description: MachinePoolTopology specifies the different - parameters for a pool of worker nodes in the topology. - This pool of nodes is managed by a MachinePool object - whose lifecycle is managed by the Cluster controller. + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: - class: - description: Class is the name of the MachinePoolClass - used to create the pool of worker nodes. This should - match one of the deployment classes defined in the - ClusterClass object mentioned in the `Cluster.Spec.Class` - field. + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - failureDomains: - description: FailureDomains is the list of failure domains - the machine pool will be created in. Must match a - key in the FailureDomains map stored on the cluster - object. - items: - type: string - type: array - metadata: - description: Metadata is the metadata applied to the - MachinePool. At runtime this metadata is merged with - the corresponding metadata from the ClusterClass. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key - value map stored with a resource that may be set - by external tools to store and retrieve arbitrary - metadata. They are not queryable and should be - preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that - can be used to organize and categorize (scope - and select) objects. May match selectors of replication - controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - minReadySeconds: - description: Minimum number of seconds for which a newly - created machine pool should be ready. Defaults to - 0 (machine will be considered available as soon as - it is ready) - format: int32 - type: integer name: - description: Name is the unique identifier for this - MachinePoolTopology. The value is used with other - unique identifiers to create a MachinePool's Name - (e.g. cluster's name, etc). In case the name is greater - than the allowed maximum length, the values are hashed - together. + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the - controller will attempt to delete the Node that the - MachinePool hosts after the MachinePool is marked - for deletion. A duration of 0 will retry deletion - indefinitely. Defaults to 10 seconds. + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of - time that the controller will spend on draining a - node. The default value is 0, meaning that the node - can be drained without any time limitations. NOTE: - NodeDrainTimeout is different from `kubectl drain - --timeout`' + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount - of time that the controller will spend on waiting - for all volumes to be detached. 
The default value - is 0, meaning that the volumes can be detached without - any time limitations. + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - replicas: - description: Replicas is the number of nodes belonging - to this pool. If the value is nil, the MachinePool - is created without the number of Replicas (defaulting - to 1) and it's assumed that an external entity (like - cluster autoscaler) is responsible for the management - of this value. - format: int32 - type: integer - variables: - description: Variables can be used to customize the - MachinePool through patches. - properties: - overrides: - description: Overrides can be used to override Cluster - level variables. - items: - description: ClusterVariable can be used to customize - the Cluster through patches. Each ClusterVariable - is associated with a Variable definition in - the ClusterClass `status` variables. - properties: - definitionFrom: - description: 'DefinitionFrom specifies where - the definition of this Variable is from. - DefinitionFrom is `inline` when the definition - is from the ClusterClass `.spec.variables` - or the name of a patch defined in the ClusterClass - `.spec.patches` where the patch is external - and provides external variables. This field - is mandatory if the variable has `DefinitionsConflict: - true` in ClusterClass `status.variables[]`' - type: string - name: - description: Name of the variable. - type: string - value: - description: 'Value of the variable. Note: - the value will be validated against the - schema of the corresponding ClusterClassVariable - from the ClusterClass. Note: We have to - use apiextensionsv1.JSON instead of a custom - JSON type, because controller-tools has - a hard-coded schema for apiextensionsv1.JSON - which cannot be produced by another type - via controller-tools, i.e. it is not possible - to have no type field. 
Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' - x-kubernetes-preserve-unknown-fields: true - required: - - name - - value - type: object - type: array - type: object - required: - - class - - name type: object - type: array - type: object - required: - - class - - version - type: object - type: object - status: - description: ClusterStatus defines the observed state of Cluster. - properties: - conditions: - description: Conditions defines current service state of the cluster. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
- type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - controlPlaneReady: - description: ControlPlaneReady defines if the control plane is ready. - type: boolean - failureDomains: - additionalProperties: - description: FailureDomainSpec is the Schema for Cluster API failure - domains. It allows controllers to understand how many failure - domains a cluster can optionally span across. - properties: - attributes: - additionalProperties: - type: string - description: Attributes is a free form map of attributes an - infrastructure provider might use or require. + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. 
This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef type: object - controlPlane: - description: ControlPlane determines if this failure domain - is suitable for use by control plane machines. - type: boolean type: object - description: FailureDomains is a slice of failure domain objects synced - from the infrastructure provider. - type: object - failureMessage: - description: FailureMessage indicates that there is a fatal problem - reconciling the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a fatal problem - reconciling the state, and will be set to a token value suitable - for programmatic interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. 
- type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: extensionconfigs.runtime.cluster.x-k8s.io -spec: - group: runtime.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: ExtensionConfig - listKind: ExtensionConfigList - plural: extensionconfigs - shortNames: - - ext - singular: extensionconfig - scope: Cluster - versions: - - additionalPrinterColumns: - - description: Time duration since creation of ExtensionConfig - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: ExtensionConfig is the Schema for the ExtensionConfig API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ExtensionConfigSpec is the desired state of the ExtensionConfig - properties: - clientConfig: - description: ClientConfig defines how to communicate with the Extension - server. 
- properties: - caBundle: - description: CABundle is a PEM encoded CA bundle which will be - used to validate the Extension server's server certificate. - format: byte - type: string - service: - description: "Service is a reference to the Kubernetes service - for the Extension server. Note: Exactly one of `url` or `service` - must be specified. \n If the Extension server is running within - a cluster, then you should use `service`." + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - name: - description: Name is the name of the service. + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - namespace: - description: Namespace is the namespace of the service. + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - path: - description: Path is an optional URL path and if present may - be any string permissible in a URL. If a path is set it - will be used as prefix to the hook-specific path. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. 
+ type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string - port: - description: Port is the port on the service that's hosting - the Extension server. Defaults to 443. Port should be a - valid port number (1-65535, inclusive). - format: int32 - type: integer required: - - name - - namespace - type: object - url: - description: "URL gives the location of the Extension server, - in standard URL form (`scheme://host:port/path`). Note: Exactly - one of `url` or `service` must be specified. \n The scheme must - be \"https\". \n The `host` should not refer to a service running - in the cluster; use the `service` field instead. \n A path is - optional, and if present may be any string permissible in a - URL. If a path is set it will be used as prefix to the hook-specific - path. \n Attempting to use a user or basic auth e.g. \"user:password@\" - is not allowed. Fragments (\"#...\") and query parameters (\"?...\") - are not allowed either." - type: string - type: object - namespaceSelector: - description: NamespaceSelector decides whether to call the hook for - an object based on whether the namespace for that object matches - the selector. Defaults to the empty LabelSelector, which matches - all objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. + - status + - type type: object - type: object - x-kubernetes-map-type: atomic - settings: - additionalProperties: + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). type: string - description: 'Settings defines key value pairs to be passed to all - calls to all supported RuntimeExtensions. Note: Settings can be - overridden on the ClusterClass.' - type: object - required: - - clientConfig - type: object - status: - description: ExtensionConfigStatus is the current state of the ExtensionConfig - properties: - conditions: - description: Conditions define the current service state of the ExtensionConfig. 
- items: - description: Condition defines an observation of a Cluster API resource - operational state. + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this deployment. This is the total number of machines that are still required for the deployment to have 100% available capacity. They may either be machines that are running but not yet available or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this deployment that have the desired template spec. 
+ format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachineDeployment + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachineDeployment + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineDeployment is the Schema for the machinedeployments API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. Defaults to 0 (machine will be considered available as soon as the Node is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make progress before it is considered to be failed. The deployment controller will continue to process failed deployments and a condition with a ProgressDeadlineExceeded reason will be surfaced in the deployment status. Note that progress will not be estimated during the time a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + description: "Number of desired machines. This is a pointer to distinguish between explicit zero and not specified. 
\n Defaults to: * if the Kubernetes autoscaler min size and max size annotations are set: - if it's a new MachineDeployment, use min size - if the replicas field of the old MachineDeployment is < min size, use min size - if the replicas field of the old MachineDeployment is > max size, use max size - if the replicas field of the old MachineDeployment is in the (min size, max size) range, keep the value from the oldMD * otherwise use 1 Note: Defaulting will be run whenever the replicas field is not set: * A new MachineDeployment is created with replicas not set. * On an existing MachineDeployment the replicas field was first set and is now unset. Those cases are especially relevant for the following Kubernetes autoscaler use cases: * A new MachineDeployment is created and replicas should be managed by the autoscaler * An existing MachineDeployment which initially wasn't controlled by the autoscaler should be later controlled by the autoscaler" + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. This is a pointer to distinguish between explicit zero and not specified. Defaults to 1. + format: int32 + type: integer + rolloutAfter: + description: 'RolloutAfter is a field to indicate a rollout should be performed after the specified time even if no changes have been made to the MachineDeployment. Example: In the YAML the time can be specified in the RFC3339 format. To specify the rolloutAfter target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + format: date-time + type: string + selector: + description: Label selector for machines. Existing MachineSets whose machines are selected by this will be the ones affected by this deployment. It must match the machine template's labels. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. 
- If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object type: object - type: array - handlers: - description: Handlers defines the current ExtensionHandlers supported - by an Extension. - items: - description: ExtensionHandler specifies the details of a handler - for a particular runtime hook registered by an Extension server. + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines with new ones. properties: - failurePolicy: - description: FailurePolicy defines how failures in calls to - the ExtensionHandler should be handled by a client. Defaults - to Fail if not set. - type: string - name: - description: Name is the unique name of the ExtensionHandler. - type: string - requestHook: - description: RequestHook defines the versioned runtime hook - which this ExtensionHandler serves. + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType = RollingUpdate. properties: - apiVersion: - description: APIVersion is the group and version of the - Hook. + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment to identify nodes to delete when downscaling. Valid values are "Random, "Newest", "Oldest" When no value is supplied, the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest type: string - hook: - description: Hook is the name of the hook. 
- type: string - required: - - apiVersion - - hook + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true type: object - timeoutSeconds: - description: TimeoutSeconds defines the timeout duration for - client calls to the ExtensionHandler. Defaults to 10 is not - set. 
- format: int32 - type: integer - required: - - name - - requestHook - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: ipaddressclaims.ipam.cluster.x-k8s.io -spec: - group: ipam.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: IPAddressClaim - listKind: IPAddressClaimList - plural: ipaddressclaims - singular: ipaddressclaim - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Name of the pool to allocate an address from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool to allocate an address from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdressClaim - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPAddressClaim is the Schema for the ipaddressclaim API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressClaimSpec is the desired state of an IPAddressClaim. - properties: - poolRef: - description: PoolRef is a reference to the pool from which an IP address - should be created. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - required: - - poolRef - type: object - status: - description: IPAddressClaimStatus is the observed status of a IPAddressClaim. - properties: - addressRef: - description: AddressRef is a reference to the address that was created - for this claim. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - conditions: - description: Conditions summarises the current state of the IPAddressClaim - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. 
- type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + description: Type of deployment. Allowed values are RollingUpdate and OnDelete. The default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete type: string - required: - - lastTransitionTime - - status - - type type: object - type: array - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Name of the pool to allocate an address from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool to allocate an address from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdressClaim - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: IPAddressClaim is the Schema for the ipaddressclaim API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressClaimSpec is the desired state of an IPAddressClaim. - properties: - poolRef: - description: PoolRef is a reference to the pool from which an IP address - should be created. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - required: - - poolRef - type: object - status: - description: IPAddressClaimStatus is the observed status of a IPAddressClaim. - properties: - addressRef: - description: AddressRef is a reference to the address that was created - for this claim. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - conditions: - description: Conditions summarises the current state of the IPAddressClaim - items: - description: Condition defines an observation of a Cluster API resource - operational state. + template: + description: Template describes the machines that will be created. 
properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
- type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: ipaddresses.ipam.cluster.x-k8s.io -spec: - group: ipam.cluster.x-k8s.io - names: - categories: - - cluster-api - kind: IPAddress - listKind: IPAddressList - plural: ipaddresses - singular: ipaddress - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Address - jsonPath: .spec.address - name: Address - type: string - - description: Name of the pool the address is from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool the address is from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdress - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPAddress is the Schema for the ipaddress API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressSpec is the desired state of an IPAddress. - properties: - address: - description: Address is the IP address. - type: string - claimRef: - description: ClaimRef is a reference to the claim this IPAddress was - created for. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - x-kubernetes-map-type: atomic - gateway: - description: Gateway is the network gateway of the network the address - is from. - type: string - poolRef: - description: PoolRef is a reference to the pool that this IPAddress - was created from. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix is the prefix of the address. 
- type: integer - required: - - address - - claimRef - - poolRef - - prefix - type: object - type: object - served: true - storage: false - subresources: {} - - additionalPrinterColumns: - - description: Address - jsonPath: .spec.address - name: Address - type: string - - description: Name of the pool the address is from - jsonPath: .spec.poolRef.name - name: Pool Name - type: string - - description: Kind of the pool the address is from - jsonPath: .spec.poolRef.kind - name: Pool Kind - type: string - - description: Time duration since creation of IPAdress - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: IPAddress is the Schema for the ipaddress API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPAddressSpec is the desired state of an IPAddress. - properties: - address: - description: Address is the IP address. - type: string - claimRef: - description: ClaimRef is a reference to the claim this IPAddress was - created for. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' 
- type: string - type: object - x-kubernetes-map-type: atomic - gateway: - description: Gateway is the network gateway of the network the address - is from. - type: string - poolRef: - description: PoolRef is a reference to the pool that this IPAddress - was created from. - properties: - apiGroup: - description: APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in - the core API group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix is the prefix of the address. - type: integer - required: - - address - - claimRef - - poolRef - - prefix - type: object - type: object - served: true - storage: true - subresources: {} + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. 
Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. 
The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this deployment. This is the total number of machines that are still required for the deployment to have 100% available capacity. 
They may either be machines that are running but not yet available or machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this deployment that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} status: acceptedNames: kind: "" @@ -5196,7 +4585,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: machinedeployments.cluster.x-k8s.io + name: machinehealthchecks.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -5208,1482 +4597,606 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: cluster.x-k8s.io names: categories: - - cluster-api - kind: MachineDeployment - listKind: MachineDeploymentList - plural: machinedeployments + - cluster-api + kind: MachineHealthCheck + listKind: MachineHealthCheckList + plural: machinehealthchecks shortNames: - - md - singular: machinedeployment + - mhc + - mhcs + singular: machinehealthcheck scope: Namespaced versions: - - additionalPrinterColumns: - - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown - jsonPath: .status.phase - name: Phase - type: string - - description: Total number of non-terminated machines targeted by this MachineDeployment - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of ready machines targeted by this MachineDeployment - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this deployment - that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this MachineDeployment - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "MachineDeployment is the Schema for the machinedeployments API. - \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineDeploymentSpec defines the desired state of MachineDeployment. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - should be ready. Defaults to 0 (machine will be considered available - as soon as it is ready) - format: int32 - type: integer - paused: - description: Indicates that the deployment is paused. - type: boolean - progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - format: int32 - type: integer - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 1. - format: int32 - type: integer - selector: - description: Label selector for machines. 
Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: + - additionalPrinterColumns: + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachineHealthCheck is the Schema for the machinehealthchecks API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. 
type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - strategy: - description: The deployment strategy to use to replace existing machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. 
When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' - x-kubernetes-int-or-string: true + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type type: object - type: - description: Type of deployment. 
Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. - type: string - type: object - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + minItems: 1 + type: array + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - generateName: - description: "GenerateName is an optional prefix, used by - the server, to generate a unique name ONLY IF the Name field - has not been provided. If this field is used, the name returned - to the client will be different than the name passed. This - value will also be combined with a unique suffix. The provided - value has the same validation rules as the Name field, and - may be truncated by the length of the suffix required to - make the value unique on the server. \n If this field is - specified and the generated name exists, the server will - NOT return a 409 - instead, it will either return 201 Created - or 500 with Reason ServerTimeout indicating a unique name - could not be found in the time allotted, and the client - should retry (optionally after the time indicated in the - Retry-After header). 
\n Applied only if Name is not specified. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - name: - description: "Name must be unique within a namespace. Is required - when creating resources, although some resources may allow - a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence - and configuration definition. Cannot be updated. More info: - http://kubernetes.io/docs/user-guide/identifiers#names \n - Deprecated: This field has no function and is going to be - removed in a next release." + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - namespace: - description: "Namespace defines the space within each name - must be unique. An empty namespace is equivalent to the - \"default\" namespace, but \"default\" is the canonical - representation. Not all objects are required to be scoped - to a namespace - the value of this field for those objects - will be empty. \n Must be a DNS_LABEL. Cannot be updated. - More info: http://kubernetes.io/docs/user-guide/namespaces - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - ownerReferences: - description: "List of objects depended by this object. 
If - ALL objects in the list have been deleted, this object will - be garbage collected. If this object is managed by a controller, - then an entry in this list will point to this controller, - with the controller field set to true. There cannot be more - than one managing controller. \n Deprecated: This field - has no function and is going to be removed in a next release." - items: - description: OwnerReference contains enough information - to let you identify an owning object. An owning object - must be in the same namespace as the dependent, or be - cluster-scoped, so there is no namespace field. - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" - finalizer, then the owner cannot be deleted from the - key-value store until this reference is removed. See - https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion - for how the garbage collector interacts with this - field and enforces the foreground deletion. Defaults - to false. To set this field, a user needs "delete" - permission of the owner, otherwise 422 (Unprocessable - Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing - controller. - type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - x-kubernetes-map-type: atomic - type: array + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. 
+ type: array + currentHealthy: + description: total number of healthy machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations allowed by this machine health check before maxUnhealthy short circuiting will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineHealthCheck + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineHealthCheck is the Schema for the machinehealthchecks API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If not set, this value is defaulted to 10 minutes. If you wish to disable this feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. 
The reference - is optional to allow users/operators to specify Bootstrap.Data - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - data: - description: "Data contains the bootstrap data, such as - cloud-init details scripts. 
If nil, the Machine should - remain in the Pending state. \n Deprecated: Switch to - DataSecretName." + key: + description: key is the label key that the selector applies to. type: string - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. 
+ properties: + status: minLength: 1 type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + timeout: type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + type: + minLength: 1 type: string required: - - bootstrap - - clusterName - - infrastructureRef - type: object - type: object - required: - - clusterName - - selector - - template - type: object - status: - description: MachineDeploymentStatus defines the observed state of MachineDeployment. 
- properties: - availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. - format: int32 - type: integer - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of a MachineDeployment - (ScalingUp, ScalingDown, Running, Failed, or Unknown). - type: string - readyReplicas: - description: Total number of ready machines targeted by this deployment. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. 
- format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of MachineDeployment - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown - jsonPath: .status.phase - name: Phase - type: string - - description: Total number of non-terminated machines targeted by this MachineDeployment - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of ready machines targeted by this MachineDeployment - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this deployment - that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this MachineDeployment - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "MachineDeployment is the Schema for the machinedeployments API. - \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineDeploymentSpec defines the desired state of MachineDeployment. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - should be ready. Defaults to 0 (machine will be considered available - as soon as it is ready) - format: int32 - type: integer - paused: - description: Indicates that the deployment is paused. - type: boolean - progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - format: int32 - type: integer - replicas: - default: 1 - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 1. - format: int32 - type: integer - selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. 
- The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - strategy: - description: The deployment strategy to use to replace existing machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. - properties: - deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. 
Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete - type: string - type: object - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + - status + - timeout + - type type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). 
This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. 
With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - - bootstrap - - clusterName - - infrastructureRef + - status + - type type: object - type: object - required: - - clusterName - - selector - - template - type: object - status: - description: MachineDeploymentStatus defines the observed state of MachineDeployment. - properties: - availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. 
- format: int32 - type: integer - conditions: - description: Conditions defines current service state of the MachineDeployment. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + currentHealthy: + description: total number of healthy machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations allowed by this machine health check before maxUnhealthy short circuiting will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + - description: Time duration since creation of MachineHealthCheck + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineHealthCheck is the Schema for the machinehealthchecks API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will be considered to have failed and will be remediated. If not set, this value is defaulted to 10 minutes. If you wish to disable this feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation template provided by an infrastructure provider. \n This field is completely optional, when filled, the MachineHealthCheck controller creates a new object from the template referenced and hands off remediation of the machine to a controller that lives outside of Cluster API." properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. 
- If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: Status of the condition, one of True, False, Unknown. + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - status - - type type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of a MachineDeployment - (ScalingUp, ScalingDown, Running, Failed, or Unknown). - type: string - readyReplicas: - description: Total number of ready machines targeted by this deployment. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. 
They - may either be machines that are running but not yet available or - machines that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. - format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Total number of machines desired by this MachineDeployment - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: Total number of non-terminated machines targeted by this MachineDeployment - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of ready machines targeted by this MachineDeployment - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of non-terminated machines targeted by this deployment - that have the desired template spec - jsonPath: .status.updatedReplicas - name: Updated - type: integer - - description: Total number of unavailable machines targeted by this MachineDeployment - jsonPath: .status.unavailableReplicas - name: Unavailable - type: integer - - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown - jsonPath: .status.phase - name: Phase - type: string - - description: Time duration since creation of MachineDeployment - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this MachineDeployment - jsonPath: .spec.template.spec.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: MachineDeployment is the Schema for the 
machinedeployments API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineDeploymentSpec defines the desired state of MachineDeployment. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a Node for a newly created machine should be ready before - considering the replica available. Defaults to 0 (machine will be - considered available as soon as the Node is ready) - format: int32 - type: integer - paused: - description: Indicates that the deployment is paused. - type: boolean - progressDeadlineSeconds: - description: The maximum time in seconds for a deployment to make - progress before it is considered to be failed. The deployment controller - will continue to process failed deployments and a condition with - a ProgressDeadlineExceeded reason will be surfaced in the deployment - status. Note that progress will not be estimated during the time - a deployment is paused. Defaults to 600s. - format: int32 - type: integer - replicas: - description: "Number of desired machines. This is a pointer to distinguish - between explicit zero and not specified. 
\n Defaults to: * if the - Kubernetes autoscaler min size and max size annotations are set: - - if it's a new MachineDeployment, use min size - if the replicas - field of the old MachineDeployment is < min size, use min size - - if the replicas field of the old MachineDeployment is > max size, - use max size - if the replicas field of the old MachineDeployment - is in the (min size, max size) range, keep the value from the oldMD - * otherwise use 1 Note: Defaulting will be run whenever the replicas - field is not set: * A new MachineDeployment is created with replicas - not set. * On an existing MachineDeployment the replicas field was - first set and is now unset. Those cases are especially relevant - for the following Kubernetes autoscaler use cases: * A new MachineDeployment - is created and replicas should be managed by the autoscaler * An - existing MachineDeployment which initially wasn't controlled by - the autoscaler should be later controlled by the autoscaler" - format: int32 - type: integer - revisionHistoryLimit: - description: The number of old MachineSets to retain to allow rollback. - This is a pointer to distinguish between explicit zero and not specified. - Defaults to 1. - format: int32 - type: integer - rolloutAfter: - description: 'RolloutAfter is a field to indicate a rollout should - be performed after the specified time even if no changes have been - made to the MachineDeployment. Example: In the YAML the time can - be specified in the RFC3339 format. To specify the rolloutAfter - target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' - format: date-time - type: string - selector: - description: Label selector for machines. Existing MachineSets whose - machines are selected by this will be the ones affected by this - deployment. It must match the machine template's labels. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - strategy: - description: The deployment strategy to use to replace existing machines - with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. - properties: - deletePolicy: - description: DeletePolicy defines the policy used by the MachineDeployment - to identify nodes to delete when downscaling. Valid values - are "Random, "Newest", "Oldest" When no value is supplied, - the default DeletePolicy of MachineSet is used - enum: - - Random - - Newest - - Oldest - type: string - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. 
Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Allowed values are RollingUpdate - and OnDelete. The default is RollingUpdate. - enum: - - RollingUpdate - - OnDelete - type: string - type: object - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions that determine whether a node is considered unhealthy. The conditions are combined in a logical OR, i.e. if any of the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type and value with a timeout specified as a duration. 
When the named condition has been in the given status for at least the timeout value, a node is considered unhealthy. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number of machines selected by "selector" as not healthy is within the range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This means that remediation will be allowed only when: (a) there are at least 3 unhealthy machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource operational state. 
properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). 
This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. 
- type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
type: string required: - - bootstrap - - clusterName - - infrastructureRef + - lastTransitionTime + - status + - type type: object - type: object - required: - - clusterName - - selector - - template - type: object - status: - description: MachineDeploymentStatus defines the observed state of MachineDeployment. - properties: - availableReplicas: - description: Total number of available machines (ready for at least - minReadySeconds) targeted by this deployment. - format: int32 - type: integer - conditions: - description: Conditions defines current service state of the MachineDeployment. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
- type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of a MachineDeployment - (ScalingUp, ScalingDown, Running, Failed, or Unknown). - type: string - readyReplicas: - description: Total number of ready machines targeted by this deployment. - format: int32 - type: integer - replicas: - description: Total number of non-terminated machines targeted by this - deployment (their labels match the selector). - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - unavailableReplicas: - description: Total number of unavailable machines targeted by this - deployment. This is the total number of machines that are still - required for the deployment to have 100% available capacity. They - may either be machines that are running but not yet available or - machines that still have not been created. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated machines targeted by this - deployment that have the desired template spec. 
- format: int32 - type: integer - type: object - type: object - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} + type: array + currentHealthy: + description: total number of healthy machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations allowed by this machine health check before maxUnhealthy short circuiting will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine health check is watching + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" @@ -6701,7 +5214,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: machinehealthchecks.cluster.x-k8s.io + name: machinepools.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -6713,818 +5226,895 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: cluster.x-k8s.io names: categories: - - cluster-api - kind: MachineHealthCheck - listKind: MachineHealthCheckList - plural: machinehealthchecks + - cluster-api + kind: MachinePool + listKind: MachinePoolList + plural: machinepools shortNames: - - mhc - - mhcs - singular: machinehealthcheck + - mp + singular: machinepool scope: Namespaced versions: - - additionalPrinterColumns: - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy - type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines - type: integer - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "MachineHealthCheck is the Schema for the machinehealthchecks - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of machine health check policy - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - selector: - description: Label selector to match machines whose health will be - exercised - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + - additionalPrinterColumns: + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachinePool is the Schema for the machinepools API. \n Deprecated: This type will be removed in one of the next releases." 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool should be attached to. + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created machine instances should be ready. Defaults to 0 (machine instance will be considered available as soon as it is ready) + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + strategy: + description: The deployment strategy to use to replace existing machine instances with new ones. + properties: + rollingUpdate: + description: Rolling update config params. 
Present only if MachineDeploymentStrategyType = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled above the desired number of machines. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 1. Example: when this is set to 30%, the new MachineSet can be scaled up immediately when the rolling update starts, such that the total number of old and new machines do not exceed 130% of desired machines. Once old machines have been killed, new MachineSet can be scaled up further, ensuring that total number of machines running at any time during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired machines (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to 0. Example: when this is set to 30%, the old MachineSet can be scaled down to 70% of desired machines immediately when the rolling update starts. Once new machines are ready, old MachineSet can be scaled down further, followed by scaling up the new MachineSet, ensuring that the total number of machines available at all times during the update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Currently the only supported strategy is "RollingUpdate". Default is RollingUpdate. + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - key: - description: key is the label key that the selector applies - to. + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: "Name must be unique within a namespace. 
Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. \n Deprecated: This field has no function and is going to be removed in a next release." + items: + description: OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. + type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. 
See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic + type: array + type: object + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.Data without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as cloud-init details scripts. If nil, the Machine should remain in the Pending state. \n Deprecated: Switch to DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. 
+ minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. + properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachinePool. 
+ format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage indicates that there is a problem reconciling the state, and will be set to a descriptive error message. 
+ type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it they exist. + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. 
For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. 
+ format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted by this machine pool. This is the total number of machine instances that are still required for the machine pool to have 100% available capacity. They may either be machine instances that are running but not yet available or machine instances that still have not been created. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachinePool is the Schema for the machinepools API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool should be attached to. + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created machine instances should be ready. Defaults to 0 (machine instance will be considered available as soon as it is ready) + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. 
Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. 
- items: - type: string - type: array required: - - key - - operator + - bootstrap + - clusterName + - infrastructureRef type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - minItems: 1 - type: array - required: - - clusterName - - selector - - unhealthyConditions - type: object - status: - description: Most recently observed status of MachineHealthCheck resource - properties: - conditions: - description: Conditions defines current service state of the MachineHealthCheck. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type type: object - type: array - currentHealthy: - description: total number of healthy machines counted by this machine - health check - format: int32 - minimum: 0 - type: integer - expectedMachines: - description: total number of machines counted by this machine health - check - format: int32 - minimum: 0 - type: integer - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. 
- format: int64 - type: integer - remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied - format: int32 - minimum: 0 - type: integer - targets: - description: Targets shows the current list of machines the machine - health check is watching - items: + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. + properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage indicates that there is a problem reconciling the state, and will be set to a descriptive error message. type: string - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of MachineHealthCheck - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy - type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines - type: integer - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "MachineHealthCheck is the Schema for the machinehealthchecks - API. \n Deprecated: This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of machine health check policy - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). 
This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - selector: - description: Label selector to match machines whose health will be - exercised - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + failureReason: + description: FailureReason indicates that there is a problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it they exist. 
+ items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. 
+ format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted by this machine pool. This is the total number of machine instances that are still required for the machine pool to have 100% available capacity. They may either be machine instances that are running but not yet available or machine instances that still have not been created. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachinePool + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachinePool is the Schema for the machinepools API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool should be attached to. + items: + type: string + type: array + minReadySeconds: + description: 'Minimum number of seconds for which a newly created machine instances should be ready. Defaults to 0 (machine instance will be considered available as soon as it is ready) NOTE: No logic is implemented for this field and it currently has no behaviour.' + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine instances provided by the provider. This field must match the provider IDs as seen on the node objects corresponding to a machine pool's machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. 
If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: + annotations: + additionalProperties: type: string - type: array - required: - - key - - operator + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. 
- properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - minItems: 1 - type: array - unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - required: - - clusterName - - selector - - unhealthyConditions - type: object - status: - description: Most recently observed status of MachineHealthCheck resource - properties: - conditions: - description: Conditions defines current service state of the MachineHealthCheck. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. 
- type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - currentHealthy: - description: total number of healthy machines counted by this machine - health check - format: int32 - minimum: 0 - type: integer - expectedMachines: - description: total number of machines counted by this machine health - check - format: int32 - minimum: 0 - type: integer - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied - format: int32 - minimum: 0 - type: integer - targets: - description: Targets shows the current list of machines the machine - health check is watching - items: - type: string - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Number of machines currently monitored - jsonPath: .status.expectedMachines - name: ExpectedMachines - type: integer - - description: Maximum number of unhealthy machines allowed - jsonPath: .spec.maxUnhealthy - name: MaxUnhealthy - type: string - - description: Current observed healthy machines - jsonPath: .status.currentHealthy - name: CurrentHealthy - type: integer - - description: Time duration since creation of MachineHealthCheck - jsonPath: .metadata.creationTimestamp - 
name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: MachineHealthCheck is the Schema for the machinehealthchecks - API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of machine health check policy - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - maxUnhealthy: - anyOf: - - type: integer - - type: string - description: Any further remediation is only allowed if at most "MaxUnhealthy" - machines selected by "selector" are not healthy. - x-kubernetes-int-or-string: true - nodeStartupTimeout: - description: Machines older than this duration without a node will - be considered to have failed and will be remediated. If not set, - this value is defaulted to 10 minutes. If you wish to disable this - feature, set the value explicitly to 0. - type: string - remediationTemplate: - description: "RemediationTemplate is a reference to a remediation - template provided by an infrastructure provider. \n This field is - completely optional, when filled, the MachineHealthCheck controller - creates a new object from the template referenced and hands off - remediation of the machine to a controller that lives outside of - Cluster API." 
- properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - selector: - description: Label selector to match machines whose health will be - exercised - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. 
- items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' properties: - key: - description: key is the label key that the selector applies - to. + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). 
This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. 
+ type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array required: - - key - - operator + - bootstrap + - clusterName + - infrastructureRef type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - unhealthyConditions: - description: UnhealthyConditions contains a list of the conditions - that determine whether a node is considered unhealthy. The conditions - are combined in a logical OR, i.e. if any of the conditions is met, - the node is unhealthy. - items: - description: UnhealthyCondition represents a Node condition type - and value with a timeout specified as a duration. When the named - condition has been in the given status for at least the timeout - value, a node is considered unhealthy. - properties: - status: - minLength: 1 - type: string - timeout: - type: string - type: - minLength: 1 - type: string - required: - - status - - timeout - - type - type: object - minItems: 1 - type: array - unhealthyRange: - description: 'Any further remediation is only allowed if the number - of machines selected by "selector" as not healthy is within the - range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. - "[3-5]" - This means that remediation will be allowed only when: - (a) there are at least 3 unhealthy machines (and) (b) there are - at most 5 unhealthy machines' - pattern: ^\[[0-9]+-[0-9]+\]$ - type: string - required: - - clusterName - - selector - - unhealthyConditions - type: object - status: - description: Most recently observed status of MachineHealthCheck resource - properties: - conditions: - description: Conditions defines current service state of the MachineHealthCheck. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. 
This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type type: object - type: array - currentHealthy: - description: total number of healthy machines counted by this machine - health check - format: int32 - minimum: 0 - type: integer - expectedMachines: - description: total number of machines counted by this machine health - check - format: int32 - minimum: 0 - type: integer - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - remediationsAllowed: - description: RemediationsAllowed is the number of further remediations - allowed by this machine health check before maxUnhealthy short circuiting - will be applied - format: int32 - minimum: 0 - type: integer - targets: - description: Targets shows the current list of machines the machine - health check is watching - items: + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. 
+ properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage indicates that there is a problem reconciling the state, and will be set to a descriptive error message. 
+ type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling the state, and will be set to a token value suitable for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it they exist. + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. 
For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. 
+ format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. E.g. Pending, Running, Terminating, Failed etc. type: string - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + readyReplicas: + description: The number of ready replicas for this MachinePool. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted by this machine pool. This is the total number of machine instances that are still required for the machine pool to have 100% available capacity. They may either be machine instances that are running but not yet available or machine instances that still have not been created. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} status: acceptedNames: kind: "" @@ -7542,7 +6132,7 @@ metadata: labels: cluster.x-k8s.io/provider: cluster-api clusterctl.cluster.x-k8s.io: "" - name: machinepools.cluster.x-k8s.io + name: machines.cluster.x-k8s.io spec: conversion: strategy: Webhook 
@@ -7554,512 +6144,335 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: cluster.x-k8s.io names: categories: - - cluster-api - kind: MachinePool - listKind: MachinePoolList - plural: machinepools + - cluster-api + kind: Machine + listKind: MachineList + plural: machines shortNames: - - mp - singular: machinepool + - ma + singular: machine scope: Namespaced versions: - - additionalPrinterColumns: - - description: MachinePool replicas count - jsonPath: .status.replicas - name: Replicas - type: string - - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed - etc - jsonPath: .status.phase - name: Phase - type: string - - description: Kubernetes version associated with this MachinePool - jsonPath: .spec.template.spec.version - name: Version - type: string - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "MachinePool is the Schema for the machinepools API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachinePoolSpec defines the desired state of MachinePool. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. 
- minLength: 1 - type: string - failureDomains: - description: FailureDomains is the list of failure domains this MachinePool - should be attached to. - items: + - additionalPrinterColumns: + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "Machine is the Schema for the machines API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. 
The reference is optional to allow users/operators to specify Bootstrap.Data without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as cloud-init details scripts. If nil, the Machine should remain in the Pending state. 
\n Deprecated: Switch to DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - type: array - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - instances should be ready. Defaults to 0 (machine instance will - be considered available as soon as it is ready) - format: int32 - type: integer - providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. - items: + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. type: string - type: array - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - strategy: - description: The deployment strategy to use to replace existing machine - instances with new ones. - properties: - rollingUpdate: - description: Rolling update config params. Present only if MachineDeploymentStrategyType - = RollingUpdate. - properties: - maxSurge: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be scheduled - above the desired number of machines. Value can be an absolute - number (ex: 5) or a percentage of desired machines (ex: - 10%). This can not be 0 if MaxUnavailable is 0. Absolute - number is calculated from percentage by rounding up. Defaults - to 1. 
Example: when this is set to 30%, the new MachineSet - can be scaled up immediately when the rolling update starts, - such that the total number of old and new machines do not - exceed 130% of desired machines. Once old machines have - been killed, new MachineSet can be scaled up further, ensuring - that total number of machines running at any time during - the update is at most 130% of desired machines.' - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - description: 'The maximum number of machines that can be unavailable - during the update. Value can be an absolute number (ex: - 5) or a percentage of desired machines (ex: 10%). Absolute - number is calculated from percentage by rounding down. This - can not be 0 if MaxSurge is 0. Defaults to 0. Example: when - this is set to 30%, the old MachineSet can be scaled down - to 70% of desired machines immediately when the rolling - update starts. Once new machines are ready, old MachineSet - can be scaled down further, followed by scaling up the new - MachineSet, ensuring that the total number of machines available - at all times during the update is at least 70% of desired - machines.' - x-kubernetes-int-or-string: true - type: object - type: - description: Type of deployment. Currently the only supported - strategy is "RollingUpdate". Default is RollingUpdate. - type: string - type: object - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. 
NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's address. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - generateName: - description: "GenerateName is an optional prefix, used by - the server, to generate a unique name ONLY IF the Name field - has not been provided. If this field is used, the name returned - to the client will be different than the name passed. This - value will also be combined with a unique suffix. The provided - value has the same validation rules as the Name field, and - may be truncated by the length of the suffix required to - make the value unique on the server. \n If this field is - specified and the generated name exists, the server will - NOT return a 409 - instead, it will either return 201 Created - or 500 with Reason ServerTimeout indicating a unique name - could not be found in the time allotted, and the client - should retry (optionally after the time indicated in the - Retry-After header). \n Applied only if Name is not specified. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - name: - description: "Name must be unique within a namespace. Is required - when creating resources, although some resources may allow - a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence - and configuration definition. Cannot be updated. More info: - http://kubernetes.io/docs/user-guide/identifiers#names \n - Deprecated: This field has no function and is going to be - removed in a next release." + address: + description: The machine address. 
type: string - namespace: - description: "Namespace defines the space within each name - must be unique. An empty namespace is equivalent to the - \"default\" namespace, but \"default\" is the canonical - representation. Not all objects are required to be scoped - to a namespace - the value of this field for those objects - will be empty. \n Must be a DNS_LABEL. Cannot be updated. - More info: http://kubernetes.io/docs/user-guide/namespaces - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - ownerReferences: - description: "List of objects depended by this object. If - ALL objects in the list have been deleted, this object will - be garbage collected. If this object is managed by a controller, - then an entry in this list will point to this controller, - with the controller field set to true. There cannot be more - than one managing controller. \n Deprecated: This field - has no function and is going to be removed in a next release." - items: - description: OwnerReference contains enough information - to let you identify an owning object. An owning object - must be in the same namespace as the dependent, or be - cluster-scoped, so there is no namespace field. - properties: - apiVersion: - description: API version of the referent. - type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" - finalizer, then the owner cannot be deleted from the - key-value store until this reference is removed. See - https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion - for how the garbage collector interacts with this - field and enforces the foreground deletion. Defaults - to false. To set this field, a user needs "delete" - permission of the owner, otherwise 422 (Unprocessable - Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing - controller. 
- type: boolean - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' - type: string - required: - - apiVersion - - kind - - name - - uid - type: object - x-kubernetes-map-type: atomic - type: array + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. + type: string + required: + - address + - type type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.Data - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. 
For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - data: - description: "Data contains the bootstrap data, such as - cloud-init details scripts. If nil, the Machine should - remain in the Pending state. \n Deprecated: Switch to - DataSecretName." - type: string - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. 
- minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. 
- This field is meant to be optionally used by bootstrap providers. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - - bootstrap - - clusterName - - infrastructureRef + - status + - type type: object - type: object - required: - - clusterName - - template - type: object - status: - description: MachinePoolStatus defines the observed state of MachinePool. - properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachinePool. - format: int32 - type: integer - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - conditions: - description: Conditions define the current service state of the MachinePool. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + failureMessage: + description: "FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. 
\n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." + type: string + failureReason: + description: "FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine last transitioned. + format: date-time + type: string + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. 
properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - status: - description: Status of the condition, one of True, False, Unknown. + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + version: + description: Version specifies the current version of Kubernetes running on the corresponding Node. This is meant to be a means of bubbling up status from the Node to the Machine. It is entirely optional, but useful for end-user UX if it’s present. 
+ type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "Machine is the Schema for the machines API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. 
+ properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. type: string - required: - - status - - type type: object - type: array - failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - nodeRefs: - description: NodeRefs will point to the corresponding Nodes if it - they exist. - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. 
This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' 
+ description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 
@@ -8071,405 +6484,144 @@ spec: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object x-kubernetes-map-type: atomic - type: array - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - readyReplicas: - description: The number of ready replicas for this MachinePool. A - machine is considered ready when the node has been created and is - "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. 
- format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - scale: - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: MachinePool replicas count - jsonPath: .status.replicas - name: Replicas - type: string - - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed - etc - jsonPath: .status.phase - name: Phase - type: string - - description: Kubernetes version associated with this MachinePool - jsonPath: .spec.template.spec.version - name: Version - type: string - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "MachinePool is the Schema for the machinepools API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachinePoolSpec defines the desired state of MachinePool. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. 
- minLength: 1 - type: string - failureDomains: - description: FailureDomains is the list of failure domains this MachinePool - should be attached to. - items: + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' type: string - type: array - minReadySeconds: - description: Minimum number of seconds for which a newly created machine - instances should be ready. Defaults to 0 (machine instance will - be considered available as soon as it is ready) - format: int32 - type: integer - providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. - items: + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. 
type: string - type: array - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's address. properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP or InternalIP. + type: string + required: + - address + - type type: object - spec: - description: 'Specification of the desired behavior of the machine. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. 
NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - - bootstrap - - clusterName - - infrastructureRef + - status + - type type: object - type: object - required: - - clusterName - - template - type: object - status: - description: MachinePoolStatus defines the observed state of MachinePool. - properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachinePool. - format: int32 - type: integer - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - conditions: - description: Conditions define the current service state of the MachinePool. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + type: array + failureMessage: + description: "FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." 
+ type: string + failureReason: + description: "FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine last transitioned. + format: date-time + type: string + nodeInfo: + description: 'NodeInfo is a set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + architecture: + description: The Architecture reported by the node type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + bootID: + description: Boot ID reported by the node. type: string - reason: - description: The reason for the condition's last transition - in CamelCase. 
The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through runtime remote API (e.g. containerd://1.4.2). type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64). type: string - status: - description: Status of the condition, one of True, False, Unknown. + kubeProxyVersion: + description: KubeProxy Version reported by the node. type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + kubeletVersion: + description: Kubelet Version reported by the node. + type: string + machineID: + description: 'MachineID reported by the node. For unique machine identification in the cluster this field is preferred. Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' + type: string + operatingSystem: + description: The Operating System reported by the node + type: string + osImage: + description: OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)). + type: string + systemUUID: + description: SystemUUID reported by the node. For unique machine identification MachineID is preferred. 
This field is specific to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid type: string required: - - status - - type + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID type: object - type: array - failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - nodeRefs: - description: NodeRefs will point to the corresponding Nodes if it - they exist. - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. 
This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 
@@ -8481,426 +6633,118 @@ spec: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object x-kubernetes-map-type: atomic - type: array - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - readyReplicas: - description: The number of ready replicas for this MachinePool. A - machine is considered ready when the node has been created and is - "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. 
- format: int32 - type: integer - type: object - type: object - served: false - storage: false - subresources: - scale: - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Total number of machines desired by this MachinePool - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: MachinePool replicas count - jsonPath: .status.replicas - name: Replicas - type: string - - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed - etc - jsonPath: .status.phase - name: Phase - type: string - - description: Time duration since creation of MachinePool - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this MachinePool - jsonPath: .spec.template.spec.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: MachinePool is the Schema for the machinepools API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachinePoolSpec defines the desired state of MachinePool. 
- properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomains: - description: FailureDomains is the list of failure domains this MachinePool - should be attached to. - items: + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. type: string - type: array - minReadySeconds: - description: 'Minimum number of seconds for which a newly created - machine instances should be ready. Defaults to 0 (machine instance - will be considered available as soon as it is ready) NOTE: No logic - is implemented for this field and it currently has no behaviour.' - format: int32 - type: integer - providerIDList: - description: ProviderIDList are the identification IDs of machine - instances provided by the provider. This field must match the provider - IDs as seen on the node objects corresponding to a machine pool's - machine instances. - items: + version: + description: Version specifies the current version of Kubernetes running on the corresponding Node. This is meant to be a means of bubbling up status from the Node to the Machine. It is entirely optional, but useful for end-user UX if it’s present. type: string - type: array - replicas: - description: Number of desired machines. Defaults to 1. This is a - pointer to distinguish between explicit zero and not specified. - format: int32 - type: integer - template: - description: Template describes the machines that will be created. - properties: - metadata: - description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + type: string + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Machine is the Schema for the machines API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. 
+ properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. 
- This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - type: object - required: - - clusterName - - template - type: object - status: - description: MachinePoolStatus defines the observed state of MachinePool. - properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachinePool. - format: int32 - type: integer - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - conditions: - description: Conditions define the current service state of the MachinePool. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. 
- format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. type: string - required: - - lastTransitionTime - - status - - type type: object - type: array - failureMessage: - description: FailureMessage indicates that there is a problem reconciling - the state, and will be set to a descriptive error message. - type: string - failureReason: - description: FailureReason indicates that there is a problem reconciling - the state, and will be set to a token value suitable for programmatic - interpretation. - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - nodeRefs: - description: NodeRefs will point to the corresponding Nodes if it - they exist. - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. 
This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' 
+ description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 
@@ -8912,1236 +6756,186 @@ spec: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object x-kubernetes-map-type: atomic - type: array - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of cluster actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - readyReplicas: - description: The number of ready replicas for this MachinePool. A - machine is considered ready when the node has been created and is - "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable machine instances targeted - by this machine pool. This is the total number of machine instances - that are still required for the machine pool to have 100% available - capacity. They may either be machine instances that are running - but not yet available or machine instances that still have not been - created. 
- format: int32 - type: integer - type: object - type: object - served: true - storage: true - subresources: - scale: - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: capi-system/capi-serving-cert - controller-gen.kubebuilder.io/version: v0.13.0 - creationTimestamp: null - labels: - cluster.x-k8s.io/provider: cluster-api - clusterctl.cluster.x-k8s.io: "" - name: machines.cluster.x-k8s.io -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - caBundle: Cg== - service: - name: capi-webhook-service - namespace: capi-system - path: /convert - conversionReviewVersions: - - v1 - - v1beta1 - group: cluster.x-k8s.io - names: - categories: - - cluster-api - kind: Machine - listKind: MachineList - plural: machines - shortNames: - - ma - singular: machine - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Provider ID - jsonPath: .spec.providerID - name: ProviderID - type: string - - description: Machine status such as Terminating/Pending/Running/Failed etc - jsonPath: .status.phase - name: Phase - type: string - - description: Kubernetes version associated with this Machine - jsonPath: .spec.version - name: Version - type: string - - description: Node name associated with this machine - jsonPath: .status.nodeRef.name - name: NodeName - priority: 1 - type: string - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "Machine is the Schema for the machines API. \n Deprecated: This - type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. 
Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSpec defines the desired state of Machine. - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates - fields to configure the Machine’s bootstrapping mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.Data - without the need of a controller. + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. 
+ type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's address. properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + address: + description: The machine address. type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: + description: Machine address type, one of Hostname, ExternalIP, InternalIP, ExternalDNS or InternalDNS. type: string + required: + - address + - type type: object - x-kubernetes-map-type: atomic - data: - description: "Data contains the bootstrap data, such as cloud-init - details scripts. If nil, the Machine should remain in the Pending - state. \n Deprecated: Switch to DataSecretName." - type: string - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. 
If nil, the Machine should remain - in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will - be interfacing with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - status: - description: MachineStatus defines the observed state of Machine. 
- properties: - addresses: - description: Addresses is a list of addresses assigned to the machine. - This field is copied from the infrastructure provider reference. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. - type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. - type: string - required: - - address - - type - type: object - type: array - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - conditions: - description: Conditions defines current service state of the Machine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. 
- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type - type: object - type: array - failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." - type: string - failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. 
\n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - lastUpdated: - description: LastUpdated identifies when the phase of the Machine - last transitioned. - format: date-time - type: string - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - version: - description: Version specifies the current version of Kubernetes running - on the corresponding Node. This is meant to be a means of bubbling - up status from the Node to the Machine. It is entirely optional, - but useful for end-user UX if it’s present. - type: string - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of Machine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Provider ID - jsonPath: .spec.providerID - name: ProviderID - type: string - - description: Machine status such as Terminating/Pending/Running/Failed etc - jsonPath: .status.phase - name: Phase - type: string - - description: Kubernetes version associated with this Machine - jsonPath: .spec.version - name: Version - type: string - - description: Node name associated with this machine - jsonPath: .status.nodeRef.name - name: NodeName - priority: 1 - type: string - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "Machine is the Schema for the machines API. \n Deprecated: This - type will be removed in one of the next releases." 
- properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSpec defines the desired state of Machine. - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates - fields to configure the Machine’s bootstrapping mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + certificatesExpiryDate: + description: CertificatesExpiryDate is the expiry date of the machine certificates. This value is only set for control plane machines. + format: date-time + type: string + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - apiVersion: - description: API version of the referent. + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + status: + description: Status of the condition, one of True, False, Unknown. type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string + required: + - lastTransitionTime + - status + - type type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. If nil, the Machine should remain - in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. 
This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will - be interfacing with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - status: - description: MachineStatus defines the observed state of Machine. - properties: - addresses: - description: Addresses is a list of addresses assigned to the machine. - This field is copied from the infrastructure provider reference. - items: - description: MachineAddress contains information for the node's - address. + type: array + failureMessage: + description: "FailureMessage will be set in the event that there is a terminal problem reconciling the Machine and will contain a more verbose string suitable for logging and human consumption. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. 
Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." + type: string + failureReason: + description: "FailureReason will be set in the event that there is a terminal problem reconciling the Machine and will contain a succinct value suitable for machine interpretation. \n This field should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the Machine's spec or the configuration of the controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the controller, or the responsible controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the Machine object and/or logged in the controller's output." + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine last transitioned. + format: date-time + type: string + nodeInfo: + description: 'NodeInfo is a set of ids/uuids to uniquely identify the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' properties: - address: - description: The machine address. + architecture: + description: The Architecture reported by the node type: string - type: - description: Machine address type, one of Hostname, ExternalIP - or InternalIP. + bootID: + description: Boot ID reported by the node. 
type: string - required: - - address - - type - type: object - type: array - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. - type: boolean - conditions: - description: Conditions defines current service state of the Machine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through runtime remote API (e.g. containerd://1.4.2). type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' (e.g. 3.16.0-0.bpo.4-amd64). type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + kubeProxyVersion: + description: KubeProxy Version reported by the node. type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + kubeletVersion: + description: Kubelet Version reported by the node. type: string - status: - description: Status of the condition, one of True, False, Unknown. + machineID: + description: 'MachineID reported by the node. For unique machine identification in the cluster this field is preferred. 
Learn more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + operatingSystem: + description: The Operating System reported by the node type: string - required: - - status - - type - type: object - type: array - failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. \n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." - type: string - failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. 
\n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - lastUpdated: - description: LastUpdated identifies when the phase of the Machine - last transitioned. - format: date-time - type: string - nodeInfo: - description: 'NodeInfo is a set of ids/uuids to uniquely identify - the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' - properties: - architecture: - description: The Architecture reported by the node - type: string - bootID: - description: Boot ID reported by the node. - type: string - containerRuntimeVersion: - description: ContainerRuntime Version reported by the node through - runtime remote API (e.g. containerd://1.4.2). - type: string - kernelVersion: - description: Kernel Version reported by the node from 'uname -r' - (e.g. 3.16.0-0.bpo.4-amd64). - type: string - kubeProxyVersion: - description: KubeProxy Version reported by the node. - type: string - kubeletVersion: - description: Kubelet Version reported by the node. - type: string - machineID: - description: 'MachineID reported by the node. For unique machine - identification in the cluster this field is preferred. 
Learn - more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' - type: string - operatingSystem: - description: The Operating System reported by the node - type: string - osImage: - description: OS Image reported by the node from /etc/os-release - (e.g. Debian GNU/Linux 7 (wheezy)). - type: string - systemUUID: - description: SystemUUID reported by the node. For unique machine - identification MachineID is preferred. This field is specific - to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - type: string - required: - - architecture - - bootID - - containerRuntimeVersion - - kernelVersion - - kubeProxyVersion - - kubeletVersion - - machineID - - operatingSystem - - osImage - - systemUUID - type: object - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. - type: string - version: - description: Version specifies the current version of Kubernetes running - on the corresponding Node. This is meant to be a means of bubbling - up status from the Node to the Machine. It is entirely optional, - but useful for end-user UX if it’s present. 
- type: string - type: object - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Node name associated with this machine - jsonPath: .status.nodeRef.name - name: NodeName - type: string - - description: Provider ID - jsonPath: .spec.providerID - name: ProviderID - type: string - - description: Machine status such as Terminating/Pending/Running/Failed etc - jsonPath: .status.phase - name: Phase - type: string - - description: Time duration since creation of Machine - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this Machine - jsonPath: .spec.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: Machine is the Schema for the machines API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSpec defines the desired state of Machine. - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which encapsulates - fields to configure the Machine’s bootstrapping mechanism. 
- properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference is - optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part - of an object. TODO: this design is not final and this field - is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret that stores - the bootstrap data script. If nil, the Machine should remain - in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine will - be created in. Must match a key in the FailureDomains map stored - on the cluster object. - type: string - infrastructureRef: - description: InfrastructureRef is a required reference to a custom - resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller will - attempt to delete the Node that the Machine hosts after the Machine - is marked for deletion. A duration of 0 will retry deletion indefinitely. - Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time that the - controller will spend on draining a node. The default value is 0, - meaning that the node can be drained without any time limitations. - NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of time that - the controller will spend on waiting for all volumes to be detached. - The default value is 0, meaning that the volumes can be detached - without any time limitations. - type: string - providerID: - description: ProviderID is the identification ID of the machine provided - by the provider. This field must match the provider ID as seen on - the node object corresponding to this machine. This field is required - by higher level consumers of cluster-api. Example use case is cluster - autoscaler with cluster-api as provider. Clean-up logic in the autoscaler - compares machines to nodes to find out machines at provider which - could not get registered as Kubernetes nodes. 
With cluster-api as - a generic out-of-tree provider for autoscaler, this field is required - by autoscaler to be able to have a provider view of the list of - machines. Another list of nodes is queried from the k8s apiserver - and then a comparison is done to find out unregistered machines - and are marked for delete. This field will be set by the actuators - and consumed by higher level entities like autoscaler that will - be interfacing with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. This - field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - status: - description: MachineStatus defines the observed state of Machine. - properties: - addresses: - description: Addresses is a list of addresses assigned to the machine. - This field is copied from the infrastructure provider reference. - items: - description: MachineAddress contains information for the node's - address. - properties: - address: - description: The machine address. + osImage: + description: OS Image reported by the node from /etc/os-release (e.g. Debian GNU/Linux 7 (wheezy)). type: string - type: - description: Machine address type, one of Hostname, ExternalIP, - InternalIP, ExternalDNS or InternalDNS. + systemUUID: + description: SystemUUID reported by the node. For unique machine identification MachineID is preferred. This field is specific to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid type: string required: - - address - - type + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID type: object - type: array - bootstrapReady: - description: BootstrapReady is the state of the bootstrap provider. 
- type: boolean - certificatesExpiryDate: - description: CertificatesExpiryDate is the expiry date of the machine - certificates. This value is only set for control plane machines. - format: date-time - type: string - conditions: - description: Conditions defines current service state of the Machine. - items: - description: Condition defines an observation of a Cluster API resource - operational state. + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: Status of the condition, one of True, False, Unknown. + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - status - - type type: object - type: array - failureMessage: - description: "FailureMessage will be set in the event that there is - a terminal problem reconciling the Machine and will contain a more - verbose string suitable for logging and human consumption. 
\n This - field should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the Machine's spec or the configuration of the controller, - and that manual intervention is required. Examples of terminal errors - would be invalid combinations of settings in the spec, values that - are unsupported by the controller, or the responsible controller - itself being critically misconfigured. \n Any transient errors that - occur during the reconciliation of Machines can be added as events - to the Machine object and/or logged in the controller's output." - type: string - failureReason: - description: "FailureReason will be set in the event that there is - a terminal problem reconciling the Machine and will contain a succinct - value suitable for machine interpretation. \n This field should - not be set for transitive errors that a controller faces that are - expected to be fixed automatically over time (like service outages), - but instead indicate that something is fundamentally wrong with - the Machine's spec or the configuration of the controller, and that - manual intervention is required. Examples of terminal errors would - be invalid combinations of settings in the spec, values that are - unsupported by the controller, or the responsible controller itself - being critically misconfigured. \n Any transient errors that occur - during the reconciliation of Machines can be added as events to - the Machine object and/or logged in the controller's output." - type: string - infrastructureReady: - description: InfrastructureReady is the state of the infrastructure - provider. - type: boolean - lastUpdated: - description: LastUpdated identifies when the phase of the Machine - last transitioned. - format: date-time - type: string - nodeInfo: - description: 'NodeInfo is a set of ids/uuids to uniquely identify - the node. 
More info: https://kubernetes.io/docs/concepts/nodes/node/#info' - properties: - architecture: - description: The Architecture reported by the node - type: string - bootID: - description: Boot ID reported by the node. - type: string - containerRuntimeVersion: - description: ContainerRuntime Version reported by the node through - runtime remote API (e.g. containerd://1.4.2). - type: string - kernelVersion: - description: Kernel Version reported by the node from 'uname -r' - (e.g. 3.16.0-0.bpo.4-amd64). - type: string - kubeProxyVersion: - description: KubeProxy Version reported by the node. - type: string - kubeletVersion: - description: Kubelet Version reported by the node. - type: string - machineID: - description: 'MachineID reported by the node. For unique machine - identification in the cluster this field is preferred. Learn - more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' - type: string - operatingSystem: - description: The Operating System reported by the node - type: string - osImage: - description: OS Image reported by the node from /etc/os-release - (e.g. Debian GNU/Linux 7 (wheezy)). - type: string - systemUUID: - description: SystemUUID reported by the node. For unique machine - identification MachineID is preferred. This field is specific - to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid - type: string - required: - - architecture - - bootID - - containerRuntimeVersion - - kernelVersion - - kubeProxyVersion - - kubeletVersion - - machineID - - operatingSystem - - osImage - - systemUUID - type: object - nodeRef: - description: NodeRef will point to the corresponding Node if it exists. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - observedGeneration: - description: ObservedGeneration is the latest generation observed - by the controller. - format: int64 - type: integer - phase: - description: Phase represents the current phase of machine actuation. - E.g. Pending, Running, Terminating, Failed etc. 
- type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of machine actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} status: acceptedNames: kind: "" 
@@ -10171,1274 +6965,832 @@ spec: namespace: capi-system path: /convert conversionReviewVersions: - - v1 - - v1beta1 + - v1 + - v1beta1 group: cluster.x-k8s.io names: categories: - - cluster-api + - cluster-api kind: MachineSet listKind: MachineSetList plural: machinesets shortNames: - - ms + - ms singular: machineset scope: Namespaced versions: - - additionalPrinterColumns: - - description: Total number of non-terminated machines targeted by this machineset - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of available machines (ready for at least minReadySeconds) - jsonPath: .status.availableReplicas - name: Available - type: integer - - description: Total number of ready machines targeted by this machineset. - jsonPath: .status.readyReplicas - name: Ready - type: integer - deprecated: true - name: v1alpha3 - schema: - openAPIV3Schema: - description: "MachineSet is the Schema for the machinesets API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSetSpec defines the desired state of MachineSet. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. 
- minLength: 1 - type: string - deletePolicy: - description: DeletePolicy defines the policy used to identify nodes - to delete when downscaling. Defaults to "Random". Valid values - are "Random, "Newest", "Oldest" - enum: - - Random - - Newest - - Oldest - type: string - minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a newly created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) - format: int32 - type: integer - replicas: - description: Replicas is the number of desired replicas. This is a - pointer to distinguish between explicit zero and unspecified. Defaults - to 1. - format: int32 - type: integer - selector: - description: 'Selector is a label query over machines that should - match the replica count. Label keys and values that must match in - order to be controlled by this MachineSet. It must match the machine - template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + - additionalPrinterColumns: + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: "MachineSet is the Schema for the machinesets API. 
\n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes to delete when downscaling. Defaults to "Random". Valid values are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for which a newly created machine should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + description: Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should match the replica count. Label keys and values that must match in order to be controlled by this MachineSet. It must match the machine template''s labels. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that will be created if insufficient replicas are detected. Object references to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - key: - description: key is the label key that the selector applies - to. 
+ annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + generateName: + description: "GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. \n If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). \n Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency \n Deprecated: This field has no function and is going to be removed in a next release." type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + name: + description: "Name must be unique within a namespace. 
Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names \n Deprecated: This field has no function and is going to be removed in a next release." type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. + namespace: + description: "Namespace defines the space within each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty. \n Must be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces \n Deprecated: This field has no function and is going to be removed in a next release." + type: string + ownerReferences: + description: "List of objects depended by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller. \n Deprecated: This field has no function and is going to be removed in a next release." items: - type: string + description: OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + blockOwnerDeletion: + description: If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. See https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion for how the garbage collector interacts with this field and enforces the foreground deletion. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. + type: boolean + controller: + description: If true, this reference points to the managing controller. + type: boolean + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + type: string + required: + - apiVersion + - kind + - name + - uid + type: object + x-kubernetes-map-type: atomic type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - template: - description: Template is the object that describes the machine that - will be created if insufficient replicas are detected. Object references - to custom resources are treated as templates. - properties: - metadata: - description: 'Standard object''s metadata. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.Data without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + data: + description: "Data contains the bootstrap data, such as cloud-init details scripts. If nil, the Machine should remain in the Pending state. \n Deprecated: Switch to DataSecretName." + type: string + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - generateName: - description: "GenerateName is an optional prefix, used by - the server, to generate a unique name ONLY IF the Name field - has not been provided. If this field is used, the name returned - to the client will be different than the name passed. This - value will also be combined with a unique suffix. The provided - value has the same validation rules as the Name field, and - may be truncated by the length of the suffix required to - make the value unique on the server. 
\n If this field is - specified and the generated name exists, the server will - NOT return a 409 - instead, it will either return 201 Created - or 500 with Reason ServerTimeout indicating a unique name - could not be found in the time allotted, and the client - should retry (optionally after the time indicated in the - Retry-After header). \n Applied only if Name is not specified. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - labels: - additionalProperties: + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - name: - description: "Name must be unique within a namespace. Is required - when creating resources, although some resources may allow - a client to request the generation of an appropriate name - automatically. Name is primarily intended for creation idempotence - and configuration definition. Cannot be updated. More info: - http://kubernetes.io/docs/user-guide/identifiers#names \n - Deprecated: This field has no function and is going to be - removed in a next release." - type: string - namespace: - description: "Namespace defines the space within each name - must be unique. An empty namespace is equivalent to the - \"default\" namespace, but \"default\" is the canonical - representation. Not all objects are required to be scoped - to a namespace - the value of this field for those objects - will be empty. \n Must be a DNS_LABEL. Cannot be updated. 
- More info: http://kubernetes.io/docs/user-guide/namespaces - \n Deprecated: This field has no function and is going to - be removed in a next release." - type: string - ownerReferences: - description: "List of objects depended by this object. If - ALL objects in the list have been deleted, this object will - be garbage collected. If this object is managed by a controller, - then an entry in this list will point to this controller, - with the controller field set to true. There cannot be more - than one managing controller. \n Deprecated: This field - has no function and is going to be removed in a next release." - items: - description: OwnerReference contains enough information - to let you identify an owning object. An owning object - must be in the same namespace as the dependent, or be - cluster-scoped, so there is no namespace field. + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. properties: apiVersion: description: API version of the referent. type: string - blockOwnerDeletion: - description: If true, AND if the owner has the "foregroundDeletion" - finalizer, then the owner cannot be deleted from the - key-value store until this reference is removed. See - https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion - for how the garbage collector interacts with this - field and enforces the foreground deletion. Defaults - to false. To set this field, a user needs "delete" - permission of the owner, otherwise 422 (Unprocessable - Entity) will be returned. - type: boolean - controller: - description: If true, this reference points to the managing - controller. - type: boolean + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string kind: description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#names' + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names#uids' + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - apiVersion - - kind - - name - - uid type: object x-kubernetes-map-type: atomic - type: array - type: object - spec: - description: 'Specification of the desired behavior of the machine. 
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. 
+ properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + format: int32 + type: integer + failureMessage: + type: string + failureReason: + description: "In the event that there is a terminal problem reconciling the replicas, both FailureReason and FailureMessage will be set. FailureReason will be populated with a succinct value suitable for machine interpretation, while FailureMessage will contain a more verbose string suitable for logging and human consumption. \n These fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. 
+ format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineSet is the Schema for the machinesets API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes to delete when downscaling. Defaults to "Random". Valid values are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for which a newly created machine should be ready. Defaults to 0 (machine will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + default: 1 + description: Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should match the replica count. Label keys and values that must match in order to be controlled by this MachineSet. It must match the machine template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.Data - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - data: - description: "Data contains the bootstrap data, such as - cloud-init details scripts. If nil, the Machine should - remain in the Pending state. \n Deprecated: Switch to - DataSecretName." + key: + description: key is the label key that the selector applies to. 
type: string - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 - type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + type: array + matchLabels: + additionalProperties: type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' 
- type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that will be created if insufficient replicas are detected. Object references to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: type: string - type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. - type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - type: object - required: - - clusterName - - selector - type: object - status: - description: MachineSetStatus defines the observed state of MachineSet. 
- properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachineSet. - format: int32 - type: integer - failureMessage: - type: string - failureReason: - description: "In the event that there is a terminal problem reconciling - the replicas, both FailureReason and FailureMessage will be set. - FailureReason will be populated with a succinct value suitable for - machine interpretation, while FailureMessage will contain a more - verbose string suitable for logging and human consumption. \n These - fields should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachineTemplate's spec or the configuration of the - machine controller, and that manual intervention is required. Examples - of terminal errors would be invalid combinations of settings in - the spec, values that are unsupported by the machine controller, - or the responsible machine controller itself being critically misconfigured. - \n Any transient errors that occur during the reconciliation of - Machines can be added as events to the MachineSet object and/or - logged in the controller's output." - type: string - fullyLabeledReplicas: - description: The number of replicas that have labels matching the - labels of the machine template of the MachineSet. - format: int32 - type: integer - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed MachineSet. - format: int64 - type: integer - readyReplicas: - description: The number of ready replicas for this MachineSet. A machine - is considered ready when the node has been created and is "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. 
- format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Time duration since creation of MachineSet - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Total number of non-terminated machines targeted by this machineset - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of available machines (ready for at least minReadySeconds) - jsonPath: .status.availableReplicas - name: Available - type: integer - - description: Total number of ready machines targeted by this machineset. - jsonPath: .status.readyReplicas - name: Ready - type: integer - deprecated: true - name: v1alpha4 - schema: - openAPIV3Schema: - description: "MachineSet is the Schema for the machinesets API. \n Deprecated: - This type will be removed in one of the next releases." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. 
Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSetSpec defines the desired state of MachineSet. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - deletePolicy: - description: DeletePolicy defines the policy used to identify nodes - to delete when downscaling. Defaults to "Random". Valid values - are "Random, "Newest", "Oldest" - enum: - - Random - - Newest - - Oldest - type: string - minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a newly created machine should be ready. Defaults to 0 (machine - will be considered available as soon as it is ready) - format: int32 - type: integer - replicas: - default: 1 - description: Replicas is the number of desired replicas. This is a - pointer to distinguish between explicit zero and unspecified. Defaults - to 1. - format: int32 - type: integer - selector: - description: 'Selector is a label query over machines that should - match the replica count. Label keys and values that must match in - order to be controlled by this MachineSet. It must match the machine - template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' properties: - key: - description: key is the label key that the selector applies - to. + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - template: - description: Template is the object that describes the machine that - will be created if insufficient replicas are detected. Object references - to custom resources are treated as templates. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. 
type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineSet. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. 
For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: A human readable message indicating details about the transition. This field may be empty. type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + type: string + failureReason: + description: "In the event that there is a terminal problem reconciling the replicas, both FailureReason and FailureMessage will be set. FailureReason will be populated with a succinct value suitable for machine interpretation, while FailureMessage will contain a more verbose string suitable for logging and human consumption. 
\n These fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. 
More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this machineset + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Time duration since creation of MachineSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachineSet + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineSet is the Schema for the machinesets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes to delete when downscaling. Defaults to "Random". Valid values are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for which a Node for a newly created machine should be ready before considering the replica available. Defaults to 0 (machine will be considered available as soon as the Node is ready) + format: int32 + type: integer + replicas: + default: 1 + description: Replicas is the number of desired replicas. This is a pointer to distinguish between explicit zero and unspecified. Defaults to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should match the replica count. Label keys and values that must match in order to be controlled by this MachineSet. It must match the machine template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + key: + description: key is the label key that the selector applies to. type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. 
If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator type: object - x-kubernetes-map-type: atomic - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. - This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + type: array + matchLabels: + additionalProperties: type: string - required: - - bootstrap - - clusterName - - infrastructureRef - type: object - type: object - required: - - clusterName - - selector - type: object - status: - description: MachineSetStatus defines the observed state of MachineSet. 
- properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachineSet. - format: int32 - type: integer - conditions: - description: Conditions defines current service state of the MachineSet. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. - If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - status - - type + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
+ type: object type: object - type: array - failureMessage: - type: string - failureReason: - description: "In the event that there is a terminal problem reconciling - the replicas, both FailureReason and FailureMessage will be set. - FailureReason will be populated with a succinct value suitable for - machine interpretation, while FailureMessage will contain a more - verbose string suitable for logging and human consumption. \n These - fields should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachineTemplate's spec or the configuration of the - machine controller, and that manual intervention is required. Examples - of terminal errors would be invalid combinations of settings in - the spec, values that are unsupported by the machine controller, - or the responsible machine controller itself being critically misconfigured. - \n Any transient errors that occur during the reconciliation of - Machines can be added as events to the MachineSet object and/or - logged in the controller's output." - type: string - fullyLabeledReplicas: - description: The number of replicas that have labels matching the - labels of the machine template of the MachineSet. - format: int32 - type: integer - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed MachineSet. - format: int64 - type: integer - readyReplicas: - description: The number of ready replicas for this MachineSet. A machine - is considered ready when the node has been created and is "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. 
The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - type: object - type: object - served: false - storage: false - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} - - additionalPrinterColumns: - - description: Cluster - jsonPath: .spec.clusterName - name: Cluster - type: string - - description: Total number of machines desired by this machineset - jsonPath: .spec.replicas - name: Desired - priority: 10 - type: integer - - description: Total number of non-terminated machines targeted by this machineset - jsonPath: .status.replicas - name: Replicas - type: integer - - description: Total number of ready machines targeted by this machineset. - jsonPath: .status.readyReplicas - name: Ready - type: integer - - description: Total number of available machines (ready for at least minReadySeconds) - jsonPath: .status.availableReplicas - name: Available - type: integer - - description: Time duration since creation of MachineSet - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - description: Kubernetes version associated with this MachineSet - jsonPath: .spec.template.spec.version - name: Version - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: MachineSet is the Schema for the machinesets API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. 
Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: MachineSetSpec defines the desired state of MachineSet. - properties: - clusterName: - description: ClusterName is the name of the Cluster this object belongs - to. - minLength: 1 - type: string - deletePolicy: - description: DeletePolicy defines the policy used to identify nodes - to delete when downscaling. Defaults to "Random". Valid values - are "Random, "Newest", "Oldest" - enum: - - Random - - Newest - - Oldest - type: string - minReadySeconds: - description: MinReadySeconds is the minimum number of seconds for - which a Node for a newly created machine should be ready before - considering the replica available. Defaults to 0 (machine will be - considered available as soon as the Node is ready) - format: int32 - type: integer - replicas: - default: 1 - description: Replicas is the number of desired replicas. This is a - pointer to distinguish between explicit zero and unspecified. Defaults - to 1. - format: int32 - type: integer - selector: - description: 'Selector is a label query over machines that should - match the replica count. Label keys and values that must match in - order to be controlled by this MachineSet. It must match the machine - template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. 
+ x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that will be created if insufficient replicas are detected. Object references to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' properties: - key: - description: key is the label key that the selector applies - to. + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific resource that holds configuration details. The reference is optional to allow users/operators to specify Bootstrap.DataSecretName without the need of a controller. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores the bootstrap data script. If nil, the Machine should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs to. 
+ minLength: 1 type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. + failureDomain: + description: FailureDomain is the failure domain the machine will be created in. Must match a key in the FailureDomains map stored on the cluster object. type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - template: - description: Template is the object that describes the machine that - will be created if insufficient replicas are detected. Object references - to custom resources are treated as templates. - properties: - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - properties: - annotations: - additionalProperties: + infrastructureRef: + description: InfrastructureRef is a required reference to a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will attempt to delete the Node that the Machine hosts after the Machine is marked for deletion. A duration of 0 will retry deletion indefinitely. Defaults to 10 seconds. type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - http://kubernetes.io/docs/user-guide/annotations' - type: object - labels: - additionalProperties: + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. May - match selectors of replication controllers and services. - More info: http://kubernetes.io/docs/user-guide/labels' - type: object - type: object - spec: - description: 'Specification of the desired behavior of the machine. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. 
This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least minReadySeconds) for this MachineSet. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineSet. + items: + description: Condition defines an observation of a Cluster API resource operational state. properties: - bootstrap: - description: Bootstrap is a reference to a local struct which - encapsulates fields to configure the Machine’s bootstrapping - mechanism. - properties: - configRef: - description: ConfigRef is a reference to a bootstrap provider-specific - resource that holds configuration details. The reference - is optional to allow users/operators to specify Bootstrap.DataSecretName - without the need of a controller. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object - instead of an entire object, this string should - contain a valid JSON/Go field access statement, - such as desiredState.manifest.containers[2]. For - example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). 
This syntax is chosen only - to have some well-defined way of referencing a part - of an object. TODO: this design is not final and - this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - dataSecretName: - description: DataSecretName is the name of the secret - that stores the bootstrap data script. If nil, the Machine - should remain in the Pending state. - type: string - type: object - clusterName: - description: ClusterName is the name of the Cluster this object - belongs to. - minLength: 1 + lastTransitionTime: + description: Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - failureDomain: - description: FailureDomain is the failure domain the machine - will be created in. Must match a key in the FailureDomains - map stored on the cluster object. + message: + description: A human readable message indicating details about the transition. 
This field may be empty. type: string - infrastructureRef: - description: InfrastructureRef is a required reference to - a custom resource offered by an infrastructure provider. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this - pod). This syntax is chosen only to have some well-defined - way of referencing a part of an object. TODO: this design - is not final and this field is subject to change in - the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - nodeDeletionTimeout: - description: NodeDeletionTimeout defines how long the controller - will attempt to delete the Node that the Machine hosts after - the Machine is marked for deletion. A duration of 0 will - retry deletion indefinitely. Defaults to 10 seconds. - type: string - nodeDrainTimeout: - description: 'NodeDrainTimeout is the total amount of time - that the controller will spend on draining a node. The default - value is 0, meaning that the node can be drained without - any time limitations. NOTE: NodeDrainTimeout is different - from `kubectl drain --timeout`' - type: string - nodeVolumeDetachTimeout: - description: NodeVolumeDetachTimeout is the total amount of - time that the controller will spend on waiting for all volumes - to be detached. The default value is 0, meaning that the - volumes can be detached without any time limitations. - type: string - providerID: - description: ProviderID is the identification ID of the machine - provided by the provider. This field must match the provider - ID as seen on the node object corresponding to this machine. - This field is required by higher level consumers of cluster-api. - Example use case is cluster autoscaler with cluster-api - as provider. Clean-up logic in the autoscaler compares machines - to nodes to find out machines at provider which could not - get registered as Kubernetes nodes. With cluster-api as - a generic out-of-tree provider for autoscaler, this field - is required by autoscaler to be able to have a provider - view of the list of machines. Another list of nodes is queried - from the k8s apiserver and then a comparison is done to - find out unregistered machines and are marked for delete. 
- This field will be set by the actuators and consumed by - higher level entities like autoscaler that will be interfacing - with cluster-api as generic provider. - type: string - version: - description: Version defines the desired Kubernetes version. - This field is meant to be optionally used by bootstrap providers. + reason: + description: The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty. + type: string + severity: + description: Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. type: string required: - - bootstrap - - clusterName - - infrastructureRef + - lastTransitionTime + - status + - type type: object - type: object - required: - - clusterName - - selector - type: object - status: - description: MachineSetStatus defines the observed state of MachineSet. - properties: - availableReplicas: - description: The number of available replicas (ready for at least - minReadySeconds) for this MachineSet. - format: int32 - type: integer - conditions: - description: Conditions defines current service state of the MachineSet. - items: - description: Condition defines an observation of a Cluster API resource - operational state. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. This should be when the underlying condition changed. 
- If that is not known, then using the time when the API field - changed is acceptable. - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. This field may be empty. - type: string - reason: - description: The reason for the condition's last transition - in CamelCase. The specific API may choose whether or not this - field is considered a guaranteed API. This field may not be - empty. - type: string - severity: - description: Severity provides an explicit classification of - Reason code, so the users or machines can immediately understand - the current situation and act accordingly. The Severity field - MUST be set only when Status=False. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition in CamelCase or in foo.example.com/CamelCase. - Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. - type: string - required: - - lastTransitionTime - - status - - type - type: object - type: array - failureMessage: - type: string - failureReason: - description: "In the event that there is a terminal problem reconciling - the replicas, both FailureReason and FailureMessage will be set. - FailureReason will be populated with a succinct value suitable for - machine interpretation, while FailureMessage will contain a more - verbose string suitable for logging and human consumption. \n These - fields should not be set for transitive errors that a controller - faces that are expected to be fixed automatically over time (like - service outages), but instead indicate that something is fundamentally - wrong with the MachineTemplate's spec or the configuration of the - machine controller, and that manual intervention is required. 
Examples - of terminal errors would be invalid combinations of settings in - the spec, values that are unsupported by the machine controller, - or the responsible machine controller itself being critically misconfigured. - \n Any transient errors that occur during the reconciliation of - Machines can be added as events to the MachineSet object and/or - logged in the controller's output." - type: string - fullyLabeledReplicas: - description: The number of replicas that have labels matching the - labels of the machine template of the MachineSet. - format: int32 - type: integer - observedGeneration: - description: ObservedGeneration reflects the generation of the most - recently observed MachineSet. - format: int64 - type: integer - readyReplicas: - description: The number of ready replicas for this MachineSet. A machine - is considered ready when the node has been created and is "Ready". - format: int32 - type: integer - replicas: - description: Replicas is the most recently observed number of replicas. - format: int32 - type: integer - selector: - description: 'Selector is the same as the label selector but in the - string format to avoid introspection by clients. The string will - be in the same format as the query-param syntax. More info about - label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' - type: string - type: object - type: object - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.selector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} + type: array + failureMessage: + type: string + failureReason: + description: "In the event that there is a terminal problem reconciling the replicas, both FailureReason and FailureMessage will be set. FailureReason will be populated with a succinct value suitable for machine interpretation, while FailureMessage will contain a more verbose string suitable for logging and human consumption. 
\n These fields should not be set for transitive errors that a controller faces that are expected to be fixed automatically over time (like service outages), but instead indicate that something is fundamentally wrong with the MachineTemplate's spec or the configuration of the machine controller, and that manual intervention is required. Examples of terminal errors would be invalid combinations of settings in the spec, values that are unsupported by the machine controller, or the responsible machine controller itself being critically misconfigured. \n Any transient errors that occur during the reconciliation of Machines can be added as events to the MachineSet object and/or logged in the controller's output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the string format to avoid introspection by clients. The string will be in the same format as the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} status: acceptedNames: kind: "" 
@@ -11464,29 +7816,29 @@ metadata: name: capi-leader-election-role namespace: capi-system rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- aggregationRule: clusterRoleSelectors: - - matchLabels: - cluster.x-k8s.io/aggregate-to-manager: "true" + - matchLabels: + cluster.x-k8s.io/aggregate-to-manager: "true" apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: 
@@ -11505,345 +7857,345 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-manager-role rules: -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch -- apiGroups: - - addons.cluster.x-k8s.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - addons.cluster.x-k8s.io - resources: - - clusterresourcesets/finalizers - - clusterresourcesets/status - verbs: - - get - - patch - - update -- apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create -- apiGroups: - - bootstrap.cluster.x-k8s.io - - controlplane.cluster.x-k8s.io - - infrastructure.cluster.x-k8s.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - bootstrap.cluster.x-k8s.io - - infrastructure.cluster.x-k8s.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusterclasses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusterclasses - - clusterclasses/status - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - verbs: - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - clusters/finalizers - - clusters/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - - clusters/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinedeployments - 
verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinedeployments - - machinedeployments/finalizers - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinedeployments - - machinedeployments/finalizers - - machinedeployments/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinehealthchecks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinehealthchecks - - machinehealthchecks/finalizers - - machinehealthchecks/status - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinepools - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinepools - - machinepools/finalizers - - machinepools/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - - machines/finalizers - - machines/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machines - - machines/status - verbs: - - delete - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinesets - verbs: - - get - - list - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinesets - - machinesets/finalizers - verbs: - - get - - list - - patch - - update - - watch -- apiGroups: - - cluster.x-k8s.io - resources: - - machinesets - - machinesets/finalizers - - machinesets/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - patch - - watch -- 
apiGroups: - - "" - resources: - - events - verbs: - - create - - get - - list - - patch - - watch -- apiGroups: - - "" - resources: - - nodes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - watch -- apiGroups: - - ipam.cluster.x-k8s.io - resources: - - ipaddressclaims - verbs: - - get - - list - - watch -- apiGroups: - - runtime.cluster.x-k8s.io - resources: - - extensionconfigs - - extensionconfigs/status - verbs: - - get - - list - - patch - - update - - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - addons.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - addons.cluster.x-k8s.io + resources: + - clusterresourcesets/finalizers + - clusterresourcesets/status + verbs: + - get + - patch + - update + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - bootstrap.cluster.x-k8s.io + - controlplane.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - bootstrap.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusterclasses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusterclasses + - clusterclasses/status + verbs: + - get + - list + - patch + - update + - watch 
+ - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + verbs: + - get + - list + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/finalizers + - clusters/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + - machinedeployments/finalizers + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + - machinedeployments/finalizers + - machinedeployments/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinehealthchecks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinehealthchecks + - machinehealthchecks/finalizers + - machinehealthchecks/status + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + - machinepools/finalizers + - machinepools/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/finalizers + - machines/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - delete + - get + - list + - watch + - apiGroups: + - 
cluster.x-k8s.io + resources: + - machinesets + verbs: + - get + - list + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinesets + - machinesets/finalizers + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - cluster.x-k8s.io + resources: + - machinesets + - machinesets/finalizers + - machinesets/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - nodes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - watch + - apiGroups: + - ipam.cluster.x-k8s.io + resources: + - ipaddressclaims + verbs: + - get + - list + - watch + - apiGroups: + - runtime.cluster.x-k8s.io + resources: + - extensionconfigs + - extensionconfigs/status + verbs: + - get + - list + - patch + - update + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -11859,9 +8211,9 @@ roleRef: kind: Role name: capi-leader-election-role subjects: -- kind: ServiceAccount - name: capi-manager - namespace: capi-system + - kind: ServiceAccount + name: capi-manager + namespace: capi-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -11876,9 +8228,9 @@ roleRef: kind: ClusterRole name: capi-aggregated-manager-role subjects: -- kind: ServiceAccount - name: capi-manager - namespace: capi-system + - kind: ServiceAccount + name: capi-manager + namespace: capi-system --- apiVersion: v1 kind: Service @@ -11890,8 +8242,8 @@ metadata: namespace: capi-system spec: ports: - - port: 443 - targetPort: webhook-server + - port: 443 + targetPort: webhook-server selector: cluster.x-k8s.io/provider: cluster-api --- 
@@ -11920,60 +8272,60 @@ spec: control-plane: controller-manager spec: containers: - - args: - - --leader-elect - - --diagnostics-address=:8443 - - --insecure-diagnostics=false - - --feature-gates=MachinePool=false,ClusterResourceSet=false,ClusterTopology=true,RuntimeSDK=false,MachineSetPreflightChecks=false - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_UID - valueFrom: - fieldRef: - fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.2 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - - containerPort: 8443 - name: metrics - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: {} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsGroup: 65532 - runAsUser: 65532 - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true + - args: + - --leader-elect + - --diagnostics-address=:8443 + - --insecure-diagnostics=false + - --feature-gates=MachinePool=false,ClusterResourceSet=false,ClusterTopology=true,RuntimeSDK=false,MachineSetPreflightChecks=false + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.2 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + 
name: healthz + protocol: TCP + - containerPort: 8443 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsUser: 65532 + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true securityContext: runAsNonRoot: true seccompProfile: @@ -11981,14 +8333,14 @@ spec: serviceAccountName: capi-manager terminationGracePeriodSeconds: 10 tolerations: - - effect: NoSchedule - key: node-role.kubernetes.io/master - - effect: NoSchedule - key: node-role.kubernetes.io/control-plane + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane volumes: - - name: cert - secret: - secretName: capi-webhook-service-cert + - name: cert + secret: + secretName: capi-webhook-service-cert status: {} --- apiVersion: cert-manager.io/v1 @@ -12001,15 +8353,15 @@ metadata: namespace: capi-system spec: dnsNames: - - capi-webhook-service.capi-system.svc - - capi-webhook-service.capi-system.svc.cluster.local + - capi-webhook-service.capi-system.svc + - capi-webhook-service.capi-system.svc.cluster.local issuerRef: kind: Issuer name: capi-selfsigned-issuer secretName: capi-webhook-service-cert subject: organizations: - - k8s-sig-cluster-lifecycle + - k8s-sig-cluster-lifecycle --- apiVersion: cert-manager.io/v1 kind: Issuer 
@@ -12033,204 +8385,204 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-mutating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-cluster - failurePolicy: Fail - matchPolicy: Equivalent - name: default.cluster.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - clusters - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-clusterclass - failurePolicy: Fail - matchPolicy: Equivalent - name: default.clusterclass.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - clusterclasses - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-machine - failurePolicy: Fail - matchPolicy: Equivalent - name: default.machine.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machines - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-machinedeployment - failurePolicy: Fail - matchPolicy: Equivalent - name: default.machinedeployment.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinedeployments - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: 
/mutate-cluster-x-k8s-io-v1beta1-machinehealthcheck - failurePolicy: Fail - matchPolicy: Equivalent - name: default.machinehealthcheck.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinehealthchecks - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-machineset - failurePolicy: Fail - matchPolicy: Equivalent - name: default.machineset.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinesets - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig - failurePolicy: Fail - matchPolicy: Equivalent - name: default.extensionconfig.runtime.addons.cluster.x-k8s.io - rules: - - apiGroups: - - runtime.cluster.x-k8s.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - extensionconfigs - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-cluster-x-k8s-io-v1beta1-machinepool - failurePolicy: Fail - matchPolicy: Equivalent - name: default.machinepool.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinepools - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset - failurePolicy: Fail - matchPolicy: Equivalent - name: default.clusterresourceset.addons.cluster.x-k8s.io - rules: - - apiGroups: - - 
addons.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - clusterresourcesets - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-cluster + failurePolicy: Fail + matchPolicy: Equivalent + name: default.cluster.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusters + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-clusterclass + failurePolicy: Fail + matchPolicy: Equivalent + name: default.clusterclass.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterclasses + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machine + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machine.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machines + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinedeployment + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machinedeployment.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinedeployments + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: 
capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinehealthcheck + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machinehealthcheck.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinehealthchecks + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machineset + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machineset.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinesets + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig + failurePolicy: Fail + matchPolicy: Equivalent + name: default.extensionconfig.runtime.addons.cluster.x-k8s.io + rules: + - apiGroups: + - runtime.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - extensionconfigs + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinepool + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machinepool.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinepools + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset + failurePolicy: Fail + matchPolicy: Equivalent + name: default.clusterresourceset.addons.cluster.x-k8s.io + rules: + - 
apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesets + sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration 
@@ -12243,271 +8595,271 @@ metadata: clusterctl.cluster.x-k8s.io: "" name: capi-validating-webhook-configuration webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-cluster - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.cluster.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clusters - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-clusterclass - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.clusterclass.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - clusterclasses - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-machine - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.machine.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machines - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-machinedeployment - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.machinedeployment.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinedeployments - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - 
namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-machinehealthcheck - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.machinehealthcheck.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinehealthchecks - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-machineset - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.machineset.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinesets - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.extensionconfig.runtime.cluster.x-k8s.io - rules: - - apiGroups: - - runtime.cluster.x-k8s.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - extensionconfigs - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-cluster-x-k8s-io-v1beta1-machinepool - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.machinepool.cluster.x-k8s.io - rules: - - apiGroups: - - cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - machinepools - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset - failurePolicy: Fail - matchPolicy: Equivalent - name: 
validation.clusterresourceset.addons.cluster.x-k8s.io - rules: - - apiGroups: - - addons.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - clusterresourcesets - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourcesetbinding - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.clusterresourcesetbinding.addons.cluster.x-k8s.io - rules: - - apiGroups: - - addons.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - resources: - - clusterresourcesetbindings - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddress - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.ipaddress.ipam.cluster.x-k8s.io - rules: - - apiGroups: - - ipam.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - ipaddresses - sideEffects: None -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: capi-webhook-service - namespace: capi-system - path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddressclaim - failurePolicy: Fail - matchPolicy: Equivalent - name: validation.ipaddressclaim.ipam.cluster.x-k8s.io - rules: - - apiGroups: - - ipam.cluster.x-k8s.io - apiVersions: - - v1beta1 - operations: - - CREATE - - UPDATE - - DELETE - resources: - - ipaddressclaims - sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-cluster + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.cluster.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 
+ operations: + - CREATE + - UPDATE + - DELETE + resources: + - clusters + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-clusterclass + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.clusterclass.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clusterclasses + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machine + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machine.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machines + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinedeployment + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinedeployment.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinedeployments + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinehealthcheck + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinehealthcheck.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinehealthchecks + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + 
namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machineset + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machineset.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinesets + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.extensionconfig.runtime.cluster.x-k8s.io + rules: + - apiGroups: + - runtime.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - extensionconfigs + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinepool + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinepool.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinepools + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.clusterresourceset.addons.cluster.x-k8s.io + rules: + - apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesets + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourcesetbinding + failurePolicy: Fail + matchPolicy: Equivalent + name: 
validation.clusterresourcesetbinding.addons.cluster.x-k8s.io + rules: + - apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesetbindings + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddress + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.ipaddress.ipam.cluster.x-k8s.io + rules: + - apiGroups: + - ipam.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - ipaddresses + sideEffects: None + - admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-ipam-cluster-x-k8s-io-v1beta1-ipaddressclaim + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.ipaddressclaim.ipam.cluster.x-k8s.io + rules: + - apiGroups: + - ipam.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - ipaddressclaims + sideEffects: None diff --git a/infra/capi/kindnet/clusterrole.yaml b/infra/capi/kindnet/clusterrole.yaml index 19cc413..8761ccd 100644 --- a/infra/capi/kindnet/clusterrole.yaml +++ b/infra/capi/kindnet/clusterrole.yaml @@ -12,8 +12,8 @@ rules: - watch - patch - apiGroups: - - "" + - "" resources: - configmaps verbs: - - get \ No newline at end of file + - get diff --git a/infra/capi/kindnet/clusterrolebinding.yaml b/infra/capi/kindnet/clusterrolebinding.yaml index 2877cce..5e5f888 100644 --- a/infra/capi/kindnet/clusterrolebinding.yaml +++ b/infra/capi/kindnet/clusterrolebinding.yaml @@ -7,6 +7,6 @@ roleRef: kind: ClusterRole name: kindnet subjects: -- kind: ServiceAccount - name: kindnet - namespace: kube-system \ No newline at end of file + - kind: ServiceAccount + name: kindnet + namespace: kube-system 
diff --git a/infra/capi/kindnet/daemonset.yaml b/infra/capi/kindnet/daemonset.yaml
index 0693472..5c6d895 100644
--- a/infra/capi/kindnet/daemonset.yaml
+++ b/infra/capi/kindnet/daemonset.yaml
@@ -20,61 +20,61 @@ spec: spec: hostNetwork: true tolerations: - - operator: Exists - effect: NoSchedule + - operator: Exists + effect: NoSchedule serviceAccountName: kindnet initContainers: - - name: install-cni-bin - image: ghcr.io/aojea/kindnetd:v1.1.0 - command: ['sh', '-c', 'cd /opt/cni/bin; for i in * ; do cat $i > /cni/$i ; chmod +x /cni/$i ; done'] - volumeMounts: - - name: cni-bin - mountPath: /cni + - name: install-cni-bin + image: ghcr.io/aojea/kindnetd:v1.1.0 + command: ['sh', '-c', 'cd /opt/cni/bin; for i in * ; do cat $i > /cni/$i ; chmod +x /cni/$i ; done'] + volumeMounts: + - name: cni-bin + mountPath: /cni containers: - - name: kindnet-cni - image: ghcr.io/aojea/kindnetd:v1.1.0 - env: - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - volumeMounts: + - name: kindnet-cni + image: ghcr.io/aojea/kindnetd:v1.1.0 + env: + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - name: cni-cfg + mountPath: /etc/cni/net.d + - name: xtables-lock + mountPath: /run/xtables.lock + readOnly: false + - name: lib-modules + mountPath: /lib/modules + readOnly: true + resources: + requests: + cpu: "100m" + memory: "50Mi" + limits: + cpu: "100m" + memory: "50Mi" + securityContext: + privileged: false + capabilities: + add: ["NET_RAW", "NET_ADMIN"] + volumes: + - name: cni-bin + hostPath: + path: /opt/cni/bin + type: DirectoryOrCreate - name: cni-cfg - mountPath: /etc/cni/net.d + hostPath: + path: /etc/cni/net.d + type: DirectoryOrCreate - name: xtables-lock - mountPath: /run/xtables.lock - readOnly: false + hostPath: + path: /run/xtables.lock + type: FileOrCreate - name: lib-modules - mountPath: /lib/modules - readOnly: true - resources: - requests: - cpu: "100m" - memory: "50Mi" - limits: - cpu: "100m" - memory: "50Mi" - securityContext: - privileged: false - capabilities: - add: 
["NET_RAW", "NET_ADMIN"] - volumes: - - name: cni-bin - hostPath: - path: /opt/cni/bin - type: DirectoryOrCreate - - name: cni-cfg - hostPath: - path: /etc/cni/net.d - type: DirectoryOrCreate - - name: xtables-lock - hostPath: - path: /run/xtables.lock - type: FileOrCreate - - name: lib-modules - hostPath: - path: /lib/modules \ No newline at end of file + hostPath: + path: /lib/modules diff --git a/infra/capi/kindnet/serviceaccount.yaml b/infra/capi/kindnet/serviceaccount.yaml index 3d416f9..e3992c6 100644 --- a/infra/capi/kindnet/serviceaccount.yaml +++ b/infra/capi/kindnet/serviceaccount.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: kindnet - namespace: kube-system \ No newline at end of file + namespace: kube-system diff --git a/infra/capi/local-path-provisioner/clusterrole.yaml b/infra/capi/local-path-provisioner/clusterrole.yaml index c672945..d7e07f1 100644 --- a/infra/capi/local-path-provisioner/clusterrole.yaml +++ b/infra/capi/local-path-provisioner/clusterrole.yaml @@ -3,16 +3,16 @@ kind: ClusterRole metadata: name: local-path-provisioner-role rules: - - apiGroups: [ "" ] - resources: [ "nodes", "persistentvolumeclaims", "configmaps" ] - verbs: [ "get", "list", "watch" ] - - apiGroups: [ "" ] - resources: [ "endpoints", "persistentvolumes", "pods" ] - verbs: [ "*" ] - - apiGroups: [ "" ] - resources: [ "events" ] - verbs: [ "create", "patch" ] - - apiGroups: [ "storage.k8s.io" ] - resources: [ "storageclasses" ] - verbs: [ "get", "list", "watch" ] + - apiGroups: [""] + resources: ["nodes", "persistentvolumeclaims", "configmaps"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["endpoints", "persistentvolumes", "pods"] + verbs: ["*"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] 
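Review bot: The `install-cni-bin` command, re-emitted unchanged on the new side, joins `cd /opt/cni/bin` to the copy loop with `;`, so a failed `cd` does not stop the script and the loop would then copy whatever is in the container's working directory into `/cni`, which is the node's `/opt/cni/bin` hostPath. The `$i` expansions are also unquoted. Since the line is being rewritten anyway, the script argument could become `'cd /opt/cni/bin || exit 1; for i in *; do cat "$i" > "/cni/$i" && chmod +x "/cni/$i"; done'`. Separately, both containers reference `ghcr.io/aojea/kindnetd:v1.1.0` by tag only; pinning the image by digest would keep a retagged image from being pulled into a `hostNetwork: true` pod that adds `NET_RAW` and `NET_ADMIN`.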
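Review bot: The second rule of `local-path-provisioner-role` keeps `verbs: ["*"]` on `endpoints`, `persistentvolumes` and `pods`, which grants every verb (including `deletecollection` and any verb added later) on those resources; because this is a ClusterRole, that applies in all namespaces if it is bound with a ClusterRoleBinding, which this diff does not show. An explicit list is easier to audit and limits what a compromised provisioner pod can do, for example `verbs: ["get", "list", "watch", "create", "patch", "update", "delete"]`, trimmed further to what the provisioner is observed to need. All four rules are visible in the hunk, so the change is local to this one line.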
diff --git a/infra/capi/multus/multus-daemonset-thick.yml b/infra/capi/multus/multus-daemonset-thick.yml
index 1775f53..f5f4ca8 100644
--- a/infra/capi/multus/multus-daemonset-thick.yml
+++ b/infra/capi/multus/multus-daemonset-thick.yml
@@ -6,7 +6,6 @@
 # - upgrade/update/uninstall scenario
 # Multus team understand users deployment scenarios are diverse, hence we do not cover
 # comprehensive deployment scenario. We expect that it is covered by each platform deployment.
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
@@ -26,21 +25,14 @@ spec:
 storage: true
 schema:
 openAPIV3Schema:
- description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing
- Working Group to express the intent for attaching pods to one or more logical or physical
- networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec'
+ description: 'NetworkAttachmentDefinition is a CRD schema specified by the Network Plumbing Working Group to express the intent for attaching pods to one or more logical or physical networks. More information available at: https://github.com/k8snetworkplumbingwg/multi-net-spec'
 type: object
 properties:
 apiVersion:
- description: 'APIVersion defines the versioned schema of this represen
- tation of an object. Servers should convert recognized schemas to the
- latest internal value, and may reject unrecognized values. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ description: 'APIVersion defines the versioned schema of this represen tation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
 type: string
 kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
 type: string
 metadata:
 type: object
@@ -153,7 +145,7 @@ spec:
 containers:
 - name: kube-multus
 image: ghcr.io/k8snetworkplumbingwg/multus-cni:v4.0.2-thick
- command: [ "/usr/src/multus-cni/bin/multus-daemon" ]
+ command: ["/usr/src/multus-cni/bin/multus-daemon"]
 resources:
 requests:
 cpu: "100m"
@@ -215,8 +207,8 @@ spec:
 configMap:
 name: multus-daemon-config
 items:
- - key: daemon-config.json
- path: daemon-config.json
+ - key: daemon-config.json
+ path: daemon-config.json
 - name: host-run
 hostPath:
 path: /run
diff --git a/infra/capi/nephio-workload-cluster/apply-replacements.yaml b/infra/capi/nephio-workload-cluster/apply-replacements.yaml
index 04bf9bd..6a00325 100644
--- a/infra/capi/nephio-workload-cluster/apply-replacements.yaml
+++ b/infra/capi/nephio-workload-cluster/apply-replacements.yaml
@@ -5,26 +5,26 @@ metadata:
 annotations:
 config.kubernetes.io/local-config: "true"
 replacements:
-- source:
- kind: ConfigMap
- name: kptfile.kpt.dev
- fieldPath: data.name
- targets:
- - select:
- kind: PackageVariant
- fieldPaths:
- - metadata.name
- - spec.downstream.package
- options:
- delimiter: '-'
- index: 0
- - select:
- kind: PackageVariant
- fieldPaths:
- - spec.injectors.[kind=WorkloadCluster].name
- - spec.pipeline.mutators.[image=gcr.io/kpt-fn/set-annotations:v0.1.4].configMap.[nephio.org/cluster-name]
- - select:
- kind: WorkloadCluster
- fieldPaths:
- - metadata.name
- - spec.clusterName
+ - source:
+ kind: ConfigMap
+ name: kptfile.kpt.dev
+ fieldPath: data.name
+ targets:
+ - select:
+ kind: PackageVariant
+ fieldPaths:
+ - metadata.name
+ - spec.downstream.package
+ options:
+ delimiter: '-'
+ index: 0
+ - select:
+ kind: PackageVariant
+ fieldPaths:
+ - spec.injectors.[kind=WorkloadCluster].name
+ - spec.pipeline.mutators.[image=gcr.io/kpt-fn/set-annotations:v0.1.4].configMap.[nephio.org/cluster-name]
+ - select:
+ kind: WorkloadCluster
+ fieldPaths:
+ - metadata.name
+ - spec.clusterName
diff --git a/infra/capi/nephio-workload-cluster/pv-cluster.yaml b/infra/capi/nephio-workload-cluster/pv-cluster.yaml index f1824db..649838d 100644 --- a/infra/capi/nephio-workload-cluster/pv-cluster.yaml +++ b/infra/capi/nephio-workload-cluster/pv-cluster.yaml @@ -13,10 +13,10 @@ spec: package: example-cluster repo: mgmt injectors: - - kind: WorkloadCluster - name: example + - kind: WorkloadCluster + name: example pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-configsync.yaml b/infra/capi/nephio-workload-cluster/pv-configsync.yaml index d2ebd8d..47985bd 100644 --- a/infra/capi/nephio-workload-cluster/pv-configsync.yaml +++ b/infra/capi/nephio-workload-cluster/pv-configsync.yaml @@ -14,6 +14,6 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-crds.yaml b/infra/capi/nephio-workload-cluster/pv-crds.yaml index e3c4608..644fbbd 100644 --- a/infra/capi/nephio-workload-cluster/pv-crds.yaml +++ b/infra/capi/nephio-workload-cluster/pv-crds.yaml @@ -14,6 +14,6 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-kindnet.yaml b/infra/capi/nephio-workload-cluster/pv-kindnet.yaml index 7446b97..4c3845d 100644 --- a/infra/capi/nephio-workload-cluster/pv-kindnet.yaml +++ b/infra/capi/nephio-workload-cluster/pv-kindnet.yaml 
@@ -14,6 +14,6 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-local-path-provisioner.yaml b/infra/capi/nephio-workload-cluster/pv-local-path-provisioner.yaml index 7ef9f0c..45e9be1 100644 --- a/infra/capi/nephio-workload-cluster/pv-local-path-provisioner.yaml +++ b/infra/capi/nephio-workload-cluster/pv-local-path-provisioner.yaml @@ -14,7 +14,7 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-metallb.yaml b/infra/capi/nephio-workload-cluster/pv-metallb.yaml index 98248a2..de06e58 100644 --- a/infra/capi/nephio-workload-cluster/pv-metallb.yaml +++ b/infra/capi/nephio-workload-cluster/pv-metallb.yaml @@ -14,6 +14,6 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-multus.yaml b/infra/capi/nephio-workload-cluster/pv-multus.yaml index a94fcd3..2337d90 100644 --- a/infra/capi/nephio-workload-cluster/pv-multus.yaml +++ b/infra/capi/nephio-workload-cluster/pv-multus.yaml @@ -14,6 +14,6 @@ spec: repo: mgmt-staging pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-repo.yaml b/infra/capi/nephio-workload-cluster/pv-repo.yaml index 0eb3285..d9508f7 100644 
--- a/infra/capi/nephio-workload-cluster/pv-repo.yaml +++ b/infra/capi/nephio-workload-cluster/pv-repo.yaml @@ -13,10 +13,10 @@ spec: package: example-repo repo: mgmt injectors: - - kind: WorkloadCluster - name: example + - kind: WorkloadCluster + name: example pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-rootsync.yaml b/infra/capi/nephio-workload-cluster/pv-rootsync.yaml index c596a69..1cec49d 100644 --- a/infra/capi/nephio-workload-cluster/pv-rootsync.yaml +++ b/infra/capi/nephio-workload-cluster/pv-rootsync.yaml @@ -13,10 +13,10 @@ spec: package: example-rootsync repo: mgmt-staging injectors: - - kind: WorkloadCluster - name: example + - kind: WorkloadCluster + name: example pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/pv-vlanindex.yaml b/infra/capi/nephio-workload-cluster/pv-vlanindex.yaml index 408dc03..4cb229d 100644 --- a/infra/capi/nephio-workload-cluster/pv-vlanindex.yaml +++ b/infra/capi/nephio-workload-cluster/pv-vlanindex.yaml @@ -13,10 +13,10 @@ spec: package: example-vlanindex repo: mgmt injectors: - - kind: WorkloadCluster - name: example + - kind: WorkloadCluster + name: example pipeline: mutators: - - image: gcr.io/kpt-fn/set-annotations:v0.1.4 - configMap: - nephio.org/cluster-name: example + - image: gcr.io/kpt-fn/set-annotations:v0.1.4 + configMap: + nephio.org/cluster-name: example diff --git a/infra/capi/nephio-workload-cluster/workload-cluster.yaml b/infra/capi/nephio-workload-cluster/workload-cluster.yaml index 247e818..8fe6a53 100644 --- a/infra/capi/nephio-workload-cluster/workload-cluster.yaml 
+++ b/infra/capi/nephio-workload-cluster/workload-cluster.yaml @@ -7,7 +7,7 @@ spec: # well as in metadata. clusterName: example cnis: - - macvlan - - ipvlan - - sriov + - macvlan + - ipvlan + - sriov masterInterface: eth1 diff --git a/infra/gcp/cc-cluster-gke-std-csr-cs/apply-replacements.yaml b/infra/gcp/cc-cluster-gke-std-csr-cs/apply-replacements.yaml index dce6444..9c53998 100644 --- a/infra/gcp/cc-cluster-gke-std-csr-cs/apply-replacements.yaml +++ b/infra/gcp/cc-cluster-gke-std-csr-cs/apply-replacements.yaml @@ -5,33 +5,33 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.name -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.project-id - targets: - - select: + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.name + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.project-id -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.location - targets: - - select: + name: gcp-context + fieldPath: data.project-id + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.project-id + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.location + name: gcp-context + fieldPath: data.location + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.location diff --git a/infra/gcp/cc-repo-csr/apply-replacements.yaml b/infra/gcp/cc-repo-csr/apply-replacements.yaml index dce6444..9c53998 100644 --- a/infra/gcp/cc-repo-csr/apply-replacements.yaml +++ b/infra/gcp/cc-repo-csr/apply-replacements.yaml 
@@ -5,33 +5,33 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.name -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.project-id - targets: - - select: + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.name + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.project-id -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.location - targets: - - select: + name: gcp-context + fieldPath: data.project-id + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.project-id + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.location + name: gcp-context + fieldPath: data.location + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.location diff --git a/infra/gcp/nephio-blueprint-repo/apply-replacements.yaml b/infra/gcp/nephio-blueprint-repo/apply-replacements.yaml index d77dd90..61cb935 100644 --- a/infra/gcp/nephio-blueprint-repo/apply-replacements.yaml +++ b/infra/gcp/nephio-blueprint-repo/apply-replacements.yaml 
@@ -5,38 +5,38 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: PackageVariant - fieldPaths: - - metadata.name - - spec.downstream.package - - select: + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.name -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.project-id - targets: - - select: + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: PackageVariant + fieldPaths: + - metadata.name + - spec.downstream.package + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.name + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.project-id -- source: - kind: ConfigMap - name: gcp-context - fieldPath: data.location - targets: - - select: + name: gcp-context + fieldPath: data.project-id + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.project-id + - source: kind: ConfigMap - name: setters - fieldPaths: - - data.location + name: gcp-context + fieldPath: data.location + targets: + - select: + kind: ConfigMap + name: setters + fieldPaths: + - data.location diff --git a/infra/gcp/nephio-blueprint-repo/pv-repo.yaml b/infra/gcp/nephio-blueprint-repo/pv-repo.yaml index 2887d9a..e9f463c 100644 --- a/infra/gcp/nephio-blueprint-repo/pv-repo.yaml +++ b/infra/gcp/nephio-blueprint-repo/pv-repo.yaml @@ -13,5 +13,5 @@ spec: package: example repo: config-control injectors: - - kind: ConfigMap - name: gcp-context + - kind: ConfigMap + name: gcp-context diff --git a/infra/gcp/nephio-workload-cluster-gke/apply-replacements.yaml b/infra/gcp/nephio-workload-cluster-gke/apply-replacements.yaml index 1ed60cc..38efc2b 100644 --- a/infra/gcp/nephio-workload-cluster-gke/apply-replacements.yaml +++ b/infra/gcp/nephio-workload-cluster-gke/apply-replacements.yaml 
@@ -5,58 +5,58 @@ metadata:
 annotations:
 config.kubernetes.io/local-config: "true"
 replacements:
-- source:
- kind: ConfigMap
- name: kptfile.kpt.dev
- fieldPath: data.name
- targets:
- - select:
- kind: PackageVariant
- fieldPaths:
- - metadata.name
- - spec.downstream.package
- - select:
- kind: PackageVariant
- fieldPaths:
- - spec.injectors.[kind=WorkloadCluster].name
- - spec.pipeline.mutators.[image=gcr.io/kpt-fn/set-annotations:v0.1.4].configMap.[nephio.org/cluster-name]
- - select:
- kind: WorkloadCluster
- fieldPaths:
- - metadata.name
- - spec.clusterName
- - select:
+ - source:
 kind: ConfigMap
- name: setters
- fieldPaths:
- - data.name
- - data.cluster-name
-- source:
- kind: ConfigMap
- name: gcp-context
- fieldPath: data.project-id
- targets:
- - select:
+ name: kptfile.kpt.dev
+ fieldPath: data.name
+ targets:
+ - select:
+ kind: PackageVariant
+ fieldPaths:
+ - metadata.name
+ - spec.downstream.package
+ - select:
+ kind: PackageVariant
+ fieldPaths:
+ - spec.injectors.[kind=WorkloadCluster].name
+ - spec.pipeline.mutators.[image=gcr.io/kpt-fn/set-annotations:v0.1.4].configMap.[nephio.org/cluster-name]
+ - select:
+ kind: WorkloadCluster
+ fieldPaths:
+ - metadata.name
+ - spec.clusterName
+ - select:
+ kind: ConfigMap
+ name: setters
+ fieldPaths:
+ - data.name
+ - data.cluster-name
+ - source:
 kind: ConfigMap
- name: setters
- fieldPaths:
- - data.project-id
-- source:
- kind: ConfigMap
- name: gcp-context
- fieldPath: data.location
- targets:
- - select:
+ name: gcp-context
+ fieldPath: data.project-id
+ targets:
+ - select:
+ kind: ConfigMap
+ name: setters
+ fieldPaths:
+ - data.project-id
+ - source:
 kind: ConfigMap
- name: setters
- fieldPaths:
- - data.location
-- source:
- kind: ConfigMap
- name: gcp-context
- fieldPath: metadata.annotations.[kpt.dev/injected-resource]
- targets:
- - select:
- kind: PackageVariant
- fieldPaths:
- - spec.injectors.0.name
+ name: gcp-context
+ fieldPath: data.location
+ targets:
+ - select:
+ kind: ConfigMap
+ name: setters
+ fieldPaths:
+ - data.location
+ - source:
+ kind: ConfigMap
+ name: gcp-context
+ fieldPath: metadata.annotations.[kpt.dev/injected-resource]
+ targets:
+ - select:
+ kind: PackageVariant
+ fieldPaths:
+ - spec.injectors.0.name
diff --git a/infra/gcp/nephio-workload-cluster-gke/pv-cluster.yaml b/infra/gcp/nephio-workload-cluster-gke/pv-cluster.yaml
index 36e7303..7e496d9 100644
--- a/infra/gcp/nephio-workload-cluster-gke/pv-cluster.yaml
+++ b/infra/gcp/nephio-workload-cluster-gke/pv-cluster.yaml
@@ -13,10 +13,10 @@ spec:
 package: example
 repo: config-control
 injectors:
- - kind: ConfigMap
- name: example
+ - kind: ConfigMap
+ name: example
 pipeline:
 mutators:
- - image: gcr.io/kpt-fn/set-annotations:v0.1.4
- configMap:
- nephio.org/cluster-name: example
+ - image: gcr.io/kpt-fn/set-annotations:v0.1.4
+ configMap:
+ nephio.org/cluster-name: example
diff --git a/nephio/core/configsync/config-management-operator.yaml b/nephio/core/configsync/config-management-operator.yaml
index e27da6a..2205082 100644
--- a/nephio/core/configsync/config-management-operator.yaml
+++ b/nephio/core/configsync/config-management-operator.yaml
@@ -15,247 +15,247 @@ spec: singular: configmanagement scope: Cluster versions: - - name: v1 - schema: - openAPIV3Schema: - description: ConfigManagement is the Schema for the ConfigManagement API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - properties: - name: - pattern: config-management - type: string - type: object - spec: - description: ConfigManagementSpec defines the desired state of ConfigManagement. - properties: - ConfigSyncDisableFSWatcher: - description: ConfigSyncDisableFSWatcher provides the ability to disable the fs-watcher process. This field is intentionally left hidden/undocumented since it is only meant to be used by customers who have very large repositories. Optional. - type: boolean - ConfigSyncLogLevel: - description: ConfigSyncLogLevel overrides the logging verbosity for all ConfigSync pods. This field is intentionally left hidden/undocumented since it is really only used to gather extra logs for support cases. - type: integer - binauthz: - description: BinAuthz enables Binary Authorization as recognized by the "binauthz.configmanagement.gke.io" label set to "true". - properties: - enabled: - description: 'Enable or disable BinAuthz. Default: false.' - type: boolean - policyRef: - description: PolicyRef is a reference to the BinAuthz policy which will be evaluated. Required if BinAuthz is enabled. 
- properties: - gkeCluster: - description: BinAuthz policy associated with this GKE-on-GCP cluster. - properties: - location: - description: Location of this cluster - type: string - name: - description: The name of this cluster according to GKE. This is not necessarily the same as the hub membership name. - type: string - project: - description: The name of the GCP project containing this cluster - type: string - type: object - type: object - type: object - channel: - description: 'Channel specifies a channel that can be used to resolve a specific addon, eg: stable It will be ignored if Version is specified' - type: string - clusterName: - description: ClusterName, if defined, sets the name for this cluster. If unset, the cluster is considered to be unnamed, and cannot use ClusterSelectors. - type: string - configConnector: - description: 'Deprecated: Does nothing. ConfigConnector can no longer be enabled/disabled with the ConfigManagement resource; the software is available as a standalone: https://cloud.google.com/config-connector' - properties: - enabled: - description: 'Enable or disable the Config Connector. Default: false.' - type: boolean - type: object - enableLegacyFields: - description: EnableLegacyFields instructs the operator to use spec.git for generating a RootSync resource in MultiRepo mode. Note that this should only be set to true if spec.enableMultiRepo is set to true. - type: boolean - enableMultiRepo: - description: EnableMultiRepo instructs the operator to enable Multi Repo mode for Config Sync. - type: boolean - git: - description: Git contains configuration specific to importing policies from a Git repo. - properties: - gcpServiceAccountEmail: - description: 'GCPServiceAccountEmail specifies the GCP service account used to annotate the Config Sync Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' 
- type: string - policyDir: - description: 'PolicyDir is the absolute path of the directory that contains the local policy. Default: the root directory of the repo.' - type: string - proxy: - description: Proxy is a struct that contains options for configuring access to the Git repo via a proxy. Only has an effect when secretType is one of ("cookiefile", "none"). Optional. - properties: - httpProxy: - description: HTTPProxy defines a HTTP_PROXY env variable used to access the Git repo. If both HTTPProxy and HTTPSProxy are specified, HTTPProxy will be ignored. Optional. - type: string - httpsProxy: - description: HTTPSProxy defines a HTTPS_PROXY env variable used to access the Git repo. If both HTTPProxy and HTTPSProxy are specified, HTTPProxy will be ignored. Optional. - type: string - type: object - secretType: - description: SecretType is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. Required. The validation of this is case-sensitive. - pattern: ^(ssh|cookiefile|gcenode|gcpserviceaccount|token|none)$ - type: string - syncBranch: - description: 'SyncBranch is the branch to sync from. Default: "master".' - type: string - syncRepo: - pattern: ^(((https?|git|ssh):\/\/)|git@) - type: string - syncRev: - description: 'SyncRev is the git revision (tag or hash) to check out. Default: HEAD.' - type: string - syncWait: - description: 'SyncWaitSeconds is the time duration in seconds between consecutive syncs. Default: 15 seconds. Note that SyncWaitSecs is not a time.Duration on purpose. This provides a reminder to developers that customers specify this value using using integers like "3" in their ConfigManagement YAML. However, time.Duration is at a nanosecond granularity, and it''s easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' 
- type: integer - type: object - hierarchyController: - description: Hierarchy Controller enables HierarchyController components as recognized by the "hierarchycontroller.configmanagement.gke.io" label set to "true". - properties: - enableHierarchicalResourceQuota: - description: 'HierarchicalResourceQuota enforces resource quota in a hierarchical fashion: a resource quota set for one namespace provides constraints that limit aggregate resource consumption for that namespace and all its descendants. Disabling this will not delete user created hrq CRs, but will delete all the intermediate resources created by HRQ (specifically the resource quota singletons), which are labeled with hierarchycontroller.configmanagement.gke.io/hrq for easier cleanup.' - type: boolean - enablePodTreeLabels: - description: PodTreeLabels copies the tree labels from namespaces to pods, allowing any system that uses pod logs (such as Stackdriver logging) to inspect the hierarchy. - type: boolean - enabled: - description: 'Enable or disable the Hierarchy Controller. Default: false.' - type: boolean - type: object - importer: - description: Importer allows one to override the existing resource requirements for the importer pod - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute resources required. 
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - type: object - patches: - items: + - name: v1 + schema: + openAPIV3Schema: + description: ConfigManagement is the Schema for the ConfigManagement API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + properties: + name: + pattern: config-management + type: string + type: object + spec: + description: ConfigManagementSpec defines the desired state of ConfigManagement. + properties: + ConfigSyncDisableFSWatcher: + description: ConfigSyncDisableFSWatcher provides the ability to disable the fs-watcher process. This field is intentionally left hidden/undocumented since it is only meant to be used by customers who have very large repositories. Optional. + type: boolean + ConfigSyncLogLevel: + description: ConfigSyncLogLevel overrides the logging verbosity for all ConfigSync pods. This field is intentionally left hidden/undocumented since it is really only used to gather extra logs for support cases. + type: integer + binauthz: + description: BinAuthz enables Binary Authorization as recognized by the "binauthz.configmanagement.gke.io" label set to "true". 
+ properties: + enabled: + description: 'Enable or disable BinAuthz. Default: false.' + type: boolean + policyRef: + description: PolicyRef is a reference to the BinAuthz policy which will be evaluated. Required if BinAuthz is enabled. + properties: + gkeCluster: + description: BinAuthz policy associated with this GKE-on-GCP cluster. + properties: + location: + description: Location of this cluster + type: string + name: + description: The name of this cluster according to GKE. This is not necessarily the same as the hub membership name. + type: string + project: + description: The name of the GCP project containing this cluster + type: string + type: object + type: object type: object - type: array - x-kubernetes-preserve-unknown-fields: true - policyController: - description: Policy Controller enables PolicyController components as recognized by the "gatekeeper.sh/manifest" label set to "true". - properties: - auditIntervalSeconds: - description: AuditIntervalSeconds. The number of seconds between audit runs. Defaults to 60 seconds. To disable audit, set this to 0. - format: int64 - type: integer - enabled: - description: 'Enable or disable the Policy Controller. Default: false.' - type: boolean - exemptableNamespaces: - description: ExemptableNamespaces. The namespaces in this list are able to have the admission.gatekeeper.sh/ignore label set. When the label is set, Policy Controller will not be called for that namespace or any resources contained in it. `gatekeeper-system` is always exempted. - items: + channel: + description: 'Channel specifies a channel that can be used to resolve a specific addon, eg: stable It will be ignored if Version is specified' + type: string + clusterName: + description: ClusterName, if defined, sets the name for this cluster. If unset, the cluster is considered to be unnamed, and cannot use ClusterSelectors. + type: string + configConnector: + description: 'Deprecated: Does nothing. 
ConfigConnector can no longer be enabled/disabled with the ConfigManagement resource; the software is available as a standalone: https://cloud.google.com/config-connector' + properties: + enabled: + description: 'Enable or disable the Config Connector. Default: false.' + type: boolean + type: object + enableLegacyFields: + description: EnableLegacyFields instructs the operator to use spec.git for generating a RootSync resource in MultiRepo mode. Note that this should only be set to true if spec.enableMultiRepo is set to true. + type: boolean + enableMultiRepo: + description: EnableMultiRepo instructs the operator to enable Multi Repo mode for Config Sync. + type: boolean + git: + description: Git contains configuration specific to importing policies from a Git repo. + properties: + gcpServiceAccountEmail: + description: 'GCPServiceAccountEmail specifies the GCP service account used to annotate the Config Sync Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' type: string - type: array - logDeniesEnabled: - description: 'LogDeniesEnabled. If true, Policy Controller will log all denies and dryrun failures. No effect unless policyController is enabled. Default: false.' - type: boolean - monitoring: - description: Monitoring specifies the configuration of monitoring. - properties: - backends: - items: + policyDir: + description: 'PolicyDir is the absolute path of the directory that contains the local policy. Default: the root directory of the repo.' + type: string + proxy: + description: Proxy is a struct that contains options for configuring access to the Git repo via a proxy. Only has an effect when secretType is one of ("cookiefile", "none"). Optional. + properties: + httpProxy: + description: HTTPProxy defines a HTTP_PROXY env variable used to access the Git repo. If both HTTPProxy and HTTPSProxy are specified, HTTPProxy will be ignored. Optional. 
type: string - type: array - type: object - mutation: - description: Mutation specifies the configuration of mutation. This is a preview feature and may change before becoming generally available. - properties: - enabled: - description: 'Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller will be deployed to the cluster. Default: false.' - type: boolean - type: object - referentialRulesEnabled: - description: 'ReferentialRulesEnabled. If true, Policy Controller will allow `data.inventory` references in the contents of ConstraintTemplate Rego. No effect unless policyController is enabled. Default: false.' - type: boolean - templateLibraryInstalled: - description: 'TemplateLibraryInstalled. If true, a set of default ConstraintTemplates will be deployed to the cluster. ConstraintTemplates will not be deployed if this is explicitly set to false or if policyController is not enabled. Default: true.' - type: boolean - type: object - preventDrift: - description: 'preventDrift, if set to `true`, enables the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts. Default: false. Config Sync always corrects drifts no matter the value of preventDrift.' - type: boolean - sourceFormat: - description: "SourceFormat specifies how the repository is formatted. See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. \n The validation of this is case-sensitive." 
- pattern: ^(hierarchy|unstructured|)$ - type: string - syncer: - description: Syncer allows one to override the existing resource requirements for the syncer pod - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + httpsProxy: + description: HTTPSProxy defines a HTTPS_PROXY env variable used to access the Git repo. If both HTTPProxy and HTTPSProxy are specified, HTTPProxy will be ignored. Optional. + type: string + type: object + secretType: + description: SecretType is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. Required. The validation of this is case-sensitive. + pattern: ^(ssh|cookiefile|gcenode|gcpserviceaccount|token|none)$ + type: string + syncBranch: + description: 'SyncBranch is the branch to sync from. Default: "master".' + type: string + syncRepo: + pattern: ^(((https?|git|ssh):\/\/)|git@) + type: string + syncRev: + description: 'SyncRev is the git revision (tag or hash) to check out. Default: HEAD.' 
+ type: string + syncWait: + description: 'SyncWaitSeconds is the time duration in seconds between consecutive syncs. Default: 15 seconds. Note that SyncWaitSecs is not a time.Duration on purpose. This provides a reminder to developers that customers specify this value using using integers like "3" in their ConfigManagement YAML. However, time.Duration is at a nanosecond granularity, and it''s easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' + type: integer + type: object + hierarchyController: + description: Hierarchy Controller enables HierarchyController components as recognized by the "hierarchycontroller.configmanagement.gke.io" label set to "true". + properties: + enableHierarchicalResourceQuota: + description: 'HierarchicalResourceQuota enforces resource quota in a hierarchical fashion: a resource quota set for one namespace provides constraints that limit aggregate resource consumption for that namespace and all its descendants. Disabling this will not delete user created hrq CRs, but will delete all the intermediate resources created by HRQ (specifically the resource quota singletons), which are labeled with hierarchycontroller.configmanagement.gke.io/hrq for easier cleanup.' + type: boolean + enablePodTreeLabels: + description: PodTreeLabels copies the tree labels from namespaces to pods, allowing any system that uses pod logs (such as Stackdriver logging) to inspect the hierarchy. + type: boolean + enabled: + description: 'Enable or disable the Hierarchy Controller. Default: false.' 
+ type: boolean + type: object + importer: + description: Importer allows one to override the existing resource requirements for the importer pod + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + patches: + items: type: object - type: object - version: - description: Version specifies the exact addon version to be deployed, eg 1.2.3 It should not be specified if Channel is specified - type: string - type: object - status: - description: ConfigManagementStatus defines the observed state of ConfigManagement. - properties: - configManagementVersion: - description: ConfigManagementVersion is the semantic version number of the config management system enforced by the currently running config management operator. - type: string - errors: - items: + type: array + x-kubernetes-preserve-unknown-fields: true + policyController: + description: Policy Controller enables PolicyController components as recognized by the "gatekeeper.sh/manifest" label set to "true". 
+ properties: + auditIntervalSeconds: + description: AuditIntervalSeconds. The number of seconds between audit runs. Defaults to 60 seconds. To disable audit, set this to 0. + format: int64 + type: integer + enabled: + description: 'Enable or disable the Policy Controller. Default: false.' + type: boolean + exemptableNamespaces: + description: ExemptableNamespaces. The namespaces in this list are able to have the admission.gatekeeper.sh/ignore label set. When the label is set, Policy Controller will not be called for that namespace or any resources contained in it. `gatekeeper-system` is always exempted. + items: + type: string + type: array + logDeniesEnabled: + description: 'LogDeniesEnabled. If true, Policy Controller will log all denies and dryrun failures. No effect unless policyController is enabled. Default: false.' + type: boolean + monitoring: + description: Monitoring specifies the configuration of monitoring. + properties: + backends: + items: + type: string + type: array + type: object + mutation: + description: Mutation specifies the configuration of mutation. This is a preview feature and may change before becoming generally available. + properties: + enabled: + description: 'Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller will be deployed to the cluster. Default: false.' + type: boolean + type: object + referentialRulesEnabled: + description: 'ReferentialRulesEnabled. If true, Policy Controller will allow `data.inventory` references in the contents of ConstraintTemplate Rego. No effect unless policyController is enabled. Default: false.' + type: boolean + templateLibraryInstalled: + description: 'TemplateLibraryInstalled. If true, a set of default ConstraintTemplates will be deployed to the cluster. ConstraintTemplates will not be deployed if this is explicitly set to false or if policyController is not enabled. Default: true.' 
+ type: boolean + type: object + preventDrift: + description: 'preventDrift, if set to `true`, enables the Config Sync admission webhook to prevent drifts. If set to `false`, disables the Config Sync admission webhook and does not prevent drifts. Default: false. Config Sync always corrects drifts no matter the value of preventDrift.' + type: boolean + sourceFormat: + description: "SourceFormat specifies how the repository is formatted. See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. \n The validation of this is case-sensitive." + pattern: ^(hierarchy|unstructured|)$ + type: string + syncer: + description: Syncer allows one to override the existing resource requirements for the syncer pod + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. 
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + version: + description: Version specifies the exact addon version to be deployed, eg 1.2.3 It should not be specified if Channel is specified type: string - type: array - healthy: - type: boolean - phase: - type: string - required: - - healthy - type: object - required: - - metadata - - spec - type: object - served: true - storage: true + type: object + status: + description: ConfigManagementStatus defines the observed state of ConfigManagement. + properties: + configManagementVersion: + description: ConfigManagementVersion is the semantic version number of the config management system enforced by the currently running config management operator. + type: string + errors: + items: + type: string + type: array + healthy: + type: boolean + phase: + type: string + required: + - healthy + type: object + required: + - metadata + - spec + type: object + served: true + storage: true --- apiVersion: v1 kind: Namespace @@ -305,9 +305,9 @@ roleRef: kind: ClusterRole name: config-management-operator subjects: -- kind: ServiceAccount - name: config-management-operator - namespace: config-management-system + - kind: ServiceAccount + name: config-management-operator + namespace: config-management-system --- apiVersion: v1 kind: ServiceAccount 
@@ -345,22 +345,22 @@ spec:
 component: config-management-operator
 spec:
 containers:
- - command:
- - /manager
- - --private-registry=
- name: manager
- image: gcr.io/config-management-release/config-management-operator:20220617195442-op
- resources:
- requests:
- cpu: 100m
- memory: 100Mi
- envFrom:
- - configMapRef:
- name: operator-environment-options
- optional: true
- securityContext:
- allowPrivilegeEscalation: false
- readOnlyRootFilesystem: true
+ - command:
+ - /manager
+ - --private-registry=
+ name: manager
+ image: gcr.io/config-management-release/config-management-operator:20220617195442-op
+ resources:
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ envFrom:
+ - configMapRef:
+ name: operator-environment-options
+ optional: true
+ securityContext:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
 serviceAccount: config-management-operator
 securityContext:
 runAsUser: 1000
diff --git a/nephio/core/configsync/rootsync-crd.yaml b/nephio/core/configsync/rootsync-crd.yaml
index 943fed5..4705574 100644
--- a/nephio/core/configsync/rootsync-crd.yaml
+++ b/nephio/core/configsync/rootsync-crd.yaml
@@ -32,257 +32,359 @@ spec: preserveUnknownFields: false scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.rendering.commit - name: RenderingCommit - type: string - - jsonPath: .status.rendering.errorSummary.totalCount - name: RenderingErrorCount - type: integer - - jsonPath: .status.source.commit - name: SourceCommit - type: string - - jsonPath: .status.source.errorSummary.totalCount - name: SourceErrorCount - type: integer - - jsonPath: .status.sync.commit - name: SyncCommit - type: string - - jsonPath: .status.sync.errorSummary.totalCount - name: SyncErrorCount - type: integer - name: v1alpha1 - schema: - openAPIV3Schema: - description: RootSync is the Schema for the rootsyncs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RootSyncSpec defines the desired state of RootSync - properties: - git: - description: git contains configuration specific to importing resources from a Git repo. - properties: - auth: - description: auth is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, or none. The validation of this is case-sensitive. Required. - enum: - - ssh - - cookiefile - - gcenode - - gcpserviceaccount - - token - - none - type: string - branch: - description: 'branch is the git branch to checkout. 
Default: "master".' - type: string - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repo.' - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.git.auth: gcpserviceaccount.' - type: string - noSSLVerify: - description: 'noSSLVerify specifies whether to enable or disable the SSL certificate verification. Default: false. If noSSLVerify is set to true, it tells Git to skip the SSL certificate verification.' - type: boolean - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' - type: string - proxy: - description: proxy specifies an HTTPS proxy for accessing the Git repo. Only has an effect when secretType is one of ("cookiefile", "none", "token"). When secretType is "cookiefile" or "token", if your HTTPS proxy URL contains sensitive information such as a username or password and you need to hide the sensitive information, you can leave this field empty and add the URL for the HTTPS proxy into the same Secret used for the Git credential via `kubectl create secret ... --from-literal=https_proxy=HTTPS_PROXY_URL`. Optional. - type: string - repo: - description: repo is the git repository URL to sync from. Required. - type: string - revision: - description: 'revision is the git revision (tag, ref or commit) to fetch. Default: "HEAD".' 
- type: string - secretRef: - description: secretRef is the secret used to connect to the Git source of truth. - properties: - name: - description: name represents the secret name. - type: string - type: object - required: - - auth - - repo - type: object - helm: - description: helm contains configuration specific to importing resources from a Helm repo. - properties: - auth: - description: auth specifies the type to authenticate to the Helm repository. Must be one of secret, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. - enum: - - none - - gcpserviceaccount - - token - type: string - chart: - description: chart is a Helm chart name. Required. - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.helm.auth: gcpserviceaccount.' - type: string - includeCRDs: - description: 'includeCRDs specifies if Helm template should also generate CustomResourceDefinitions. If IncludeCRDs is set to false, no CustomeResourceDefinition will be generated. Default: false.' - type: boolean - namespace: - description: namespace sets the target namespace for a release - type: string - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Chart will not be re-synced if version is specified and it is not "latest"' - type: string - releaseName: - description: releaseName is the name of the Helm release. - type: string - repo: - description: repo is the helm repository URL to sync from. Required. - type: string - secretRef: - description: secretRef holds the authentication secret for accessing the Helm repository. - properties: - name: - description: name represents the secret name. 
- type: string - type: object - values: - description: values to use instead of default values that accompany the chart - type: object - valuesFiles: - description: valuesFiles is a list of path to Helm value files. Values files must be in the same repository with the Helm chart. And the paths here are absolute path from the root directory of the repository - items: + - additionalPrinterColumns: + - jsonPath: .status.rendering.commit + name: RenderingCommit + type: string + - jsonPath: .status.rendering.errorSummary.totalCount + name: RenderingErrorCount + type: integer + - jsonPath: .status.source.commit + name: SourceCommit + type: string + - jsonPath: .status.source.errorSummary.totalCount + name: SourceErrorCount + type: integer + - jsonPath: .status.sync.commit + name: SyncCommit + type: string + - jsonPath: .status.sync.errorSummary.totalCount + name: SyncErrorCount + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: RootSync is the Schema for the rootsyncs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RootSyncSpec defines the desired state of RootSync + properties: + git: + description: git contains configuration specific to importing resources from a Git repo. 
+ properties: + auth: + description: auth is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, or none. The validation of this is case-sensitive. Required. + enum: + - ssh + - cookiefile + - gcenode + - gcpserviceaccount + - token + - none type: string - type: array - version: - description: version is the chart version. If this is not specified, the latest version is used - type: string - required: - - auth - - chart - - repo - type: object - oci: - description: oci contains configuration specific to importing resources from an OCI package. - properties: - auth: - description: auth is the type of secret configured for access to the OCI package. Must be one of gcenode, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. - enum: - - gcenode - - gcpserviceaccount - - none - type: string - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the image.' - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' - type: string - image: - description: 'image is the OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. The image can be pulled by TAG or by DIGEST if it is specified in PACKAGE_NAME. - Pull by tag: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME:TAG`. - Pull by digest: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME@sha256:DIGEST`. If neither TAG nor DIGEST is specified, it pulls with the `latest` tag by default. Required' - type: string - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. 
Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' - type: string - required: - - auth - - image - type: object - override: - description: override allows to override the settings for a reconciler. - nullable: true - properties: - enableShellInRendering: - description: 'enableShellInRendering specifies whether to enable or disable the shell access in rendering process. Default: false. Kustomize remote bases requires shell access. Setting this field to true will enable shell in the rendering process and support pulling remote bases from public repositories.' - type: boolean - gitSyncDepth: - description: gitSyncDepth allows one to override the number of git commits to fetch. Must be no less than 0. Config Sync would do a full clone if this field is 0, and a shallow clone if this field is greater than 0. If this field is not provided, Config Sync would configure it automatically. - format: int64 - minimum: 0 - type: integer - reconcileTimeout: - description: 'reconcileTimeout allows one to override the threshold for how long to wait for all resources to reconcile before giving up. Default: 5m. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Recommended reconcileTimeout range is from "10s" to "1h".' - type: string - resources: - description: resources allow one to override the resource requirements for the containers in a reconciler pod. - items: - description: ContainerResourcesSpec allows to override the resource requirements for a container + branch: + description: 'branch is the git branch to checkout. Default: "master".' 
+ type: string + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repo.' + type: string + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.git.auth: gcpserviceaccount.' + type: string + noSSLVerify: + description: 'noSSLVerify specifies whether to enable or disable the SSL certificate verification. Default: false. If noSSLVerify is set to true, it tells Git to skip the SSL certificate verification.' + type: boolean + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' + type: string + proxy: + description: proxy specifies an HTTPS proxy for accessing the Git repo. Only has an effect when secretType is one of ("cookiefile", "none", "token"). When secretType is "cookiefile" or "token", if your HTTPS proxy URL contains sensitive information such as a username or password and you need to hide the sensitive information, you can leave this field empty and add the URL for the HTTPS proxy into the same Secret used for the Git credential via `kubectl create secret ... --from-literal=https_proxy=HTTPS_PROXY_URL`. Optional. + type: string + repo: + description: repo is the git repository URL to sync from. Required. + type: string + revision: + description: 'revision is the git revision (tag, ref or commit) to fetch. Default: "HEAD".' + type: string + secretRef: + description: secretRef is the secret used to connect to the Git source of truth. 
properties: - containerName: - description: containerName specifies the name of a container whose resource requirements will be overridden. Must be "reconciler", "git-sync", "hydration-controller", or "oci-sync". - pattern: ^(reconciler|git-sync|hydration-controller|oci-sync)$ + name: + description: name represents the secret name. type: string - cpuLimit: - anyOf: - - type: integer - - type: string - description: cpuLimit allows one to override the CPU limit of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cpuRequest: - anyOf: - - type: integer - - type: string - description: cpuRequest allows one to override the CPU request of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memoryLimit: - anyOf: - - type: integer - - type: string - description: memoryLimit allows one to override the memory limit of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memoryRequest: - anyOf: - - type: integer - - type: string - description: memoryRequest allows one to override the memory request of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true type: object - type: array - statusMode: - description: statusMode controls whether the actuation status such as apply failed or not should be embedded into the ResourceGroup object. Must be "enabled" or "disabled". If set to "enabled", it increases the size of the ResourceGroup object. - pattern: ^(enabled|disabled|)$ - type: string - type: object - sourceFormat: - description: "sourceFormat specifies how the repository is formatted. 
See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. \n The validation of this is case-sensitive." - pattern: ^(hierarchy|unstructured|)$ - type: string - sourceType: - default: git - description: "sourceType specifies the type of the source of truth. \n Must be one of git, oci, helm. Optional. Set to git if not specified." - pattern: ^(git|oci|helm)$ - type: string - type: object - status: - description: RootSyncStatus defines the observed state of RootSync - properties: - conditions: - description: conditions represents the latest available observations of the RootSync's current state. - items: - description: RootSyncCondition describes the state of a RootSync at a certain point. + required: + - auth + - repo + type: object + helm: + description: helm contains configuration specific to importing resources from a Helm repo. properties: - commit: - description: hash of the source of truth. It can be a git commit hash, or an OCI image digest. + auth: + description: auth specifies the type to authenticate to the Helm repository. Must be one of secret, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. + enum: + - none + - gcpserviceaccount + - token + type: string + chart: + description: chart is a Helm chart name. Required. + type: string + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.helm.auth: gcpserviceaccount.' + type: string + includeCRDs: + description: 'includeCRDs specifies if Helm template should also generate CustomResourceDefinitions. If IncludeCRDs is set to false, no CustomeResourceDefinition will be generated. Default: false.' 
+ type: boolean + namespace: + description: namespace sets the target namespace for a release + type: string + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Chart will not be re-synced if version is specified and it is not "latest"' + type: string + releaseName: + description: releaseName is the name of the Helm release. type: string - errorSourceRefs: - description: errorSourceRefs track the origination(s) of errors when the condition type is Syncing. + repo: + description: repo is the helm repository URL to sync from. Required. + type: string + secretRef: + description: secretRef holds the authentication secret for accessing the Helm repository. + properties: + name: + description: name represents the secret name. + type: string + type: object + values: + description: values to use instead of default values that accompany the chart + type: object + valuesFiles: + description: valuesFiles is a list of path to Helm value files. Values files must be in the same repository with the Helm chart. And the paths here are absolute path from the root directory of the repository items: - description: ErrorSource indicates the origination of errors. type: string type: array + version: + description: version is the chart version. If this is not specified, the latest version is used + type: string + required: + - auth + - chart + - repo + type: object + oci: + description: oci contains configuration specific to importing resources from an OCI package. + properties: + auth: + description: auth is the type of secret configured for access to the OCI package. Must be one of gcenode, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. 
+ enum: + - gcenode + - gcpserviceaccount + - none + type: string + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the image.' + type: string + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' + type: string + image: + description: 'image is the OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. The image can be pulled by TAG or by DIGEST if it is specified in PACKAGE_NAME. - Pull by tag: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME:TAG`. - Pull by digest: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME@sha256:DIGEST`. If neither TAG nor DIGEST is specified, it pulls with the `latest` tag by default. Required' + type: string + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' + type: string + required: + - auth + - image + type: object + override: + description: override allows to override the settings for a reconciler. + nullable: true + properties: + enableShellInRendering: + description: 'enableShellInRendering specifies whether to enable or disable the shell access in rendering process. Default: false. Kustomize remote bases requires shell access. Setting this field to true will enable shell in the rendering process and support pulling remote bases from public repositories.' 
+ type: boolean + gitSyncDepth: + description: gitSyncDepth allows one to override the number of git commits to fetch. Must be no less than 0. Config Sync would do a full clone if this field is 0, and a shallow clone if this field is greater than 0. If this field is not provided, Config Sync would configure it automatically. + format: int64 + minimum: 0 + type: integer + reconcileTimeout: + description: 'reconcileTimeout allows one to override the threshold for how long to wait for all resources to reconcile before giving up. Default: 5m. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Recommended reconcileTimeout range is from "10s" to "1h".' + type: string + resources: + description: resources allow one to override the resource requirements for the containers in a reconciler pod. + items: + description: ContainerResourcesSpec allows to override the resource requirements for a container + properties: + containerName: + description: containerName specifies the name of a container whose resource requirements will be overridden. Must be "reconciler", "git-sync", "hydration-controller", or "oci-sync". 
+ pattern: ^(reconciler|git-sync|hydration-controller|oci-sync)$ + type: string + cpuLimit: + anyOf: + - type: integer + - type: string + description: cpuLimit allows one to override the CPU limit of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + cpuRequest: + anyOf: + - type: integer + - type: string + description: cpuRequest allows one to override the CPU request of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memoryLimit: + anyOf: + - type: integer + - type: string + description: memoryLimit allows one to override the memory limit of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memoryRequest: + anyOf: + - type: integer + - type: string + description: memoryRequest allows one to override the memory request of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: array + statusMode: + description: statusMode controls whether the actuation status such as apply failed or not should be embedded into the ResourceGroup object. Must be "enabled" or "disabled". If set to "enabled", it increases the size of the ResourceGroup object. + pattern: ^(enabled|disabled|)$ + type: string + type: object + sourceFormat: + description: "sourceFormat specifies how the repository is formatted. See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. \n The validation of this is case-sensitive." 
+ pattern: ^(hierarchy|unstructured|)$ + type: string + sourceType: + default: git + description: "sourceType specifies the type of the source of truth. \n Must be one of git, oci, helm. Optional. Set to git if not specified." + pattern: ^(git|oci|helm)$ + type: string + type: object + status: + description: RootSyncStatus defines the observed state of RootSync + properties: + conditions: + description: conditions represents the latest available observations of the RootSync's current state. + items: + description: RootSyncCondition describes the state of a RootSync at a certain point. + properties: + commit: + description: hash of the source of truth. It can be a git commit hash, or an OCI image digest. + type: string + errorSourceRefs: + description: errorSourceRefs track the origination(s) of errors when the condition type is Syncing. + items: + description: ErrorSource indicates the origination of errors. + type: string + type: array + errorSummary: + description: errorSummary summarizes the errors in the `errors` field when the condition type is Reconciling or Stalled, and summarizes the errors referred in the `errorsSourceRefs` field when the condition type is Syncing. + properties: + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean + type: object + errors: + description: errors is a list of errors that occurred in the process. 
This field is used to track errors when the condition type is Reconciling or Stalled. When the condition type is Syncing, the `errorSourceRefs` field is used instead to avoid duplicating errors between `status.conditions` and `status.rendering|source|sync`. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. + type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. + items: + description: ResourceRef contains the identification bits of a single managed resource. + properties: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + type: string + namespace: + description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. + type: string + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. + type: string + type: object + type: array + required: + - code + - errorMessage + type: object + type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. 
+ format: date-time + nullable: true + type: string + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + nullable: true + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: status of the condition, one of True, False, Unknown. + type: string + type: + description: type of RootSync condition. + type: string + required: + - status + - type + type: object + type: array + lastSyncedCommit: + description: lastSyncedCommit describes the most recent hash that is successfully synced. It can be a git commit hash, or an OCI image digest. + type: string + observedGeneration: + description: observedGeneration is the most recent generation observed for the sync resource. It corresponds to the it's generation, which is updated on mutation by the API Server. + format: int64 + type: integer + reconciler: + description: reconciler is the name of the reconciler process which corresponds to the sync resource. + type: string + rendering: + description: rendering contains fields describing the status of rendering resources from the source of truth. + properties: + commit: + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. + type: string errorSummary: - description: errorSummary summarizes the errors in the `errors` field when the condition type is Reconciling or Stalled, and summarizes the errors referred in the `errorsSourceRefs` field when the condition type is Syncing. + description: errorSummary summarizes the errors encountered during the process of rendering the source of truth. properties: errorCountAfterTruncation: description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. 
@@ -295,7 +397,7 @@ spec: type: boolean type: object errors: - description: errors is a list of errors that occurred in the process. This field is used to track errors when the condition type is Reconciling or Stalled. When the condition type is Syncing, the `errorSourceRefs` field is used instead to avoid duplicating errors between `status.conditions` and `status.rendering|source|sync`. + description: errors is a list of any errors that occurred while rendering the source of truth. items: description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. properties: @@ -320,9 +422,9 @@ spec: version: type: string required: - - group - - kind - - version + - group + - kind + - version type: object name: description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. 
@@ -336,622 +438,166 @@ spec: type: object type: array required: - - code - - errorMessage + - code + - errorMessage type: object type: array - lastTransitionTime: - description: Last time the condition transitioned from one status to another. - format: date-time - nullable: true - type: string - lastUpdateTime: - description: The last time this condition was updated. + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. + properties: + branch: + description: branch is the git branch being fetched + type: string + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. + type: string + required: + - branch + - dir + - repo + - revision + type: object + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. format: date-time nullable: true type: string message: - description: A human readable message indicating details about the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: status of the condition, one of True, False, Unknown. + description: Human-readable message describes details about the rendering status. type: string - type: - description: type of RootSync condition. - type: string - required: - - status - - type - type: object - type: array - lastSyncedCommit: - description: lastSyncedCommit describes the most recent hash that is successfully synced. It can be a git commit hash, or an OCI image digest. - type: string - observedGeneration: - description: observedGeneration is the most recent generation observed for the sync resource. 
It corresponds to the it's generation, which is updated on mutation by the API Server. - format: int64 - type: integer - reconciler: - description: reconciler is the name of the reconciler process which corresponds to the sync resource. - type: string - rendering: - description: rendering contains fields describing the status of rendering resources from the source of truth. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of rendering the source of truth. - properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. - type: boolean - type: object - errors: - description: errors is a list of any errors that occurred while rendering the source of truth. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + dir: + description: 'dir is the absolute path of the directory that contains the local resources. 
Default: the root directory of the repository' type: string - errorMessage: - description: errorMessage describes the error that occurred. + image: + description: image is the OCI image repository URL for the package to sync from. type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. - items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - properties: - group: - type: string - kind: - type: string - version: - type: string - required: - - group - - kind - - version - type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. - type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array required: - - code - - errorMessage + - dir + - image type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched - type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' - type: string - repo: - description: repo is the git repository URL being synced from. 
- type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. - type: string - required: - - branch - - dir - - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. - format: date-time - nullable: true - type: string - message: - description: Human-readable message describes details about the rendering status. - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. - properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' - type: string - image: - description: image is the OCI image repository URL for the package to sync from. - type: string - required: - - dir - - image - type: object - type: object - source: - description: source contains fields describing the status of a *Sync's source of truth. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of reading from the source of truth. - properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. 
- type: boolean - type: object - errors: - description: errors is a list of any errors that occurred while reading from the source of truth. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + type: object + source: + description: source contains fields describing the status of a *Sync's source of truth. + properties: + commit: + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. + type: string + errorSummary: + description: errorSummary summarizes the errors encountered during the process of reading from the source of truth. properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". - type: string - errorMessage: - description: errorMessage describes the error that occurred. - type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. - items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - properties: - group: - type: string - kind: - type: string - version: - type: string - required: - - group - - kind - - version - type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. - type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. 
This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array - required: - - code - - errorMessage + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched - type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' - type: string - repo: - description: repo is the git repository URL being synced from. - type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. - type: string - required: - - branch - - dir - - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. - format: date-time - nullable: true - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. - properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' - type: string - image: - description: image is the OCI image repository URL for the package to sync from. 
- type: string - required: - - dir - - image - type: object - type: object - sync: - description: sync contains fields describing the status of syncing resources from the source of truth to the cluster. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of syncing the resources. - properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. - type: boolean - type: object - errors: - description: errors is a list of any errors that occurred while applying the resources from the change indicated by Commit. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + errors: + description: errors is a list of any errors that occurred while reading from the source of truth. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. + type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. 
+ items: + description: ResourceRef contains the identification bits of a single managed resource. + properties: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + type: string + namespace: + description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. + type: string + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. + type: string + type: object + type: array + required: + - code + - errorMessage + type: object + type: array + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + branch: + description: branch is the git branch being fetched type: string - errorMessage: - description: errorMessage describes the error that occurred. + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. 
- items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - properties: - group: - type: string - kind: - type: string - version: - type: string - required: - - group - - kind - - version - type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. - type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array required: - - code - - errorMessage + - branch + - dir + - repo + - revision type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched - type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' - type: string - repo: - description: repo is the git repository URL being synced from. - type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. - type: string - required: - - branch - - dir - - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. 
- format: date-time - nullable: true - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. - properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' - type: string - image: - description: image is the OCI image repository URL for the package to sync from. - type: string - required: - - dir - - image - type: object - type: object - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.rendering.commit - name: RenderingCommit - type: string - - jsonPath: .status.rendering.errorSummary.totalCount - name: RenderingErrorCount - type: integer - - jsonPath: .status.source.commit - name: SourceCommit - type: string - - jsonPath: .status.source.errorSummary.totalCount - name: SourceErrorCount - type: integer - - jsonPath: .status.sync.commit - name: SyncCommit - type: string - - jsonPath: .status.sync.errorSummary.totalCount - name: SyncErrorCount - type: integer - name: v1beta1 - schema: - openAPIV3Schema: - description: RootSync is the Schema for the rootsyncs API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RootSyncSpec defines the desired state of RootSync - properties: - git: - description: git contains configuration specific to importing resources from a Git repo. - properties: - auth: - description: auth is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, or none. The validation of this is case-sensitive. Required. - enum: - - ssh - - cookiefile - - gcenode - - gcpserviceaccount - - token - - none - type: string - branch: - description: 'branch is the git branch to checkout. Default: "master".' - type: string - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repo.' - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' - type: string - noSSLVerify: - description: 'noSSLVerify specifies whether to enable or disable the SSL certificate verification. Default: false. If noSSLVerify is set to true, it tells Git to skip the SSL certificate verification.' - type: boolean - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' - type: string - proxy: - description: proxy specifies an HTTPS proxy for accessing the Git repo. 
Only has an effect when secretType is one of ("cookiefile", "none", "token"). When secretType is "cookiefile" or "token", if your HTTPS proxy URL contains sensitive information such as a username or password and you need to hide the sensitive information, you can leave this field empty and add the URL for the HTTPS proxy into the same Secret used for the Git credential via `kubectl create secret ... --from-literal=https_proxy=HTTPS_PROXY_URL`. Optional. - type: string - repo: - description: repo is the git repository URL to sync from. Required. - type: string - revision: - description: 'revision is the git revision (tag, ref or commit) to fetch. Default: "HEAD".' - type: string - secretRef: - description: secretRef is the secret used to connect to the Git source of truth. - properties: - name: - description: name represents the secret name. - type: string - type: object - required: - - auth - - repo - type: object - helm: - description: helm contains configuration specific to importing resources from a Helm repo. - properties: - auth: - description: auth specifies the type to authenticate to the Helm repository. Must be one of secret, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. - enum: - - none - - gcpserviceaccount - - token - type: string - chart: - description: chart is a Helm chart name. Required. - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.helm.auth: gcpserviceaccount.' - type: string - includeCRDs: - description: 'includeCRDs specifies if Helm template should also generate CustomResourceDefinitions. If IncludeCRDs is set to false, no CustomeResourceDefinition will be generated. Default: false.' 
- type: boolean - namespace: - description: namespace sets the target namespace for a release - type: string - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Chart will not be re-synced if version is specified and it is not "latest"' - type: string - releaseName: - description: releaseName is the name of the Helm release. - type: string - repo: - description: repo is the helm repository URL to sync from. Required. - type: string - secretRef: - description: secretRef holds the authentication secret for accessing the Helm repository. - properties: - name: - description: name represents the secret name. - type: string - type: object - values: - description: values to use instead of default values that accompany the chart - type: object - valuesFiles: - description: valuesFiles is a list of path to Helm value files. Values files must be in the same repository with the Helm chart. And the paths here are absolute path from the root directory of the repository - items: + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. + format: date-time + nullable: true type: string - type: array - version: - description: version is the chart version. If this is not specified, the latest version is used - type: string - required: - - auth - - chart - - repo - type: object - oci: - description: oci contains configuration specific to importing resources from an OCI package. - properties: - auth: - description: auth is the type of secret configured for access to the OCI package. Must be one of gcenode, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. - enum: - - gcenode - - gcpserviceaccount - - none - type: string - dir: - description: 'dir is the absolute path of the directory that contains the local resources. 
Default: the root directory of the image.' - type: string - gcpServiceAccountEmail: - description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' - type: string - image: - description: 'image is the OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. The image can be pulled by TAG or by DIGEST if it is specified in PACKAGE_NAME. - Pull by tag: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME:TAG`. - Pull by digest: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME@sha256:DIGEST`. If neither TAG nor DIGEST is specified, it pulls with the `latest` tag by default. Required' - type: string - period: - description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' - type: string - required: - - auth - - image - type: object - override: - description: override allows to override the settings for a root reconciler. - nullable: true - properties: - enableShellInRendering: - description: 'enableShellInRendering specifies whether to enable or disable the shell access in rendering process. Default: false. Kustomize remote bases requires shell access. Setting this field to true will enable shell in the rendering process and support pulling remote bases from public repositories.' - type: boolean - gitSyncDepth: - description: gitSyncDepth allows one to override the number of git commits to fetch. Must be no less than 0. 
Config Sync would do a full clone if this field is 0, and a shallow clone if this field is greater than 0. If this field is not provided, Config Sync would configure it automatically. - format: int64 - minimum: 0 - type: integer - reconcileTimeout: - description: 'reconcileTimeout allows one to override the threshold for how long to wait for all resources to reconcile before giving up. Default: 5m. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Recommended reconcileTimeout range is from "10s" to "1h".' - type: string - resources: - description: resources allow one to override the resource requirements for the containers in a reconciler pod. - items: - description: ContainerResourcesSpec allows to override the resource requirements for a container + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. properties: - containerName: - description: containerName specifies the name of a container whose resource requirements will be overridden. Must be "reconciler", "git-sync", "hydration-controller", or "oci-sync". - pattern: ^(reconciler|git-sync|hydration-controller|oci-sync)$ + dir: + description: 'dir is the absolute path of the directory that contains the local resources. 
Default: the root directory of the repository' type: string - cpuLimit: - anyOf: - - type: integer - - type: string - description: cpuLimit allows one to override the CPU limit of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - cpuRequest: - anyOf: - - type: integer - - type: string - description: cpuRequest allows one to override the CPU request of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memoryLimit: - anyOf: - - type: integer - - type: string - description: memoryLimit allows one to override the memory limit of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - memoryRequest: - anyOf: - - type: integer - - type: string - description: memoryRequest allows one to override the memory request of a container - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true + image: + description: image is the OCI image repository URL for the package to sync from. + type: string + required: + - dir + - image type: object - type: array - statusMode: - description: statusMode controls whether the actuation status such as apply failed or not should be embedded into the ResourceGroup object. Must be "enabled" or "disabled". If set to "enabled", it increases the size of the ResourceGroup object. - pattern: ^(enabled|disabled|)$ - type: string - type: object - sourceFormat: - description: "sourceFormat specifies how the repository is formatted. See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. 
\n The validation of this is case-sensitive." - pattern: ^(hierarchy|unstructured|)$ - type: string - sourceType: - default: git - description: "sourceType specifies the type of the source of truth. \n Must be one of git, oci, helm. Optional. Set to git if not specified." - pattern: ^(git|oci|helm)$ - type: string - type: object - status: - description: RootSyncStatus defines the observed state of RootSync - properties: - conditions: - description: conditions represents the latest available observations of the RootSync's current state. - items: - description: RootSyncCondition describes the state of a RootSync at a certain point. + type: object + sync: + description: sync contains fields describing the status of syncing resources from the source of truth to the cluster. properties: commit: - description: hash of the source of truth. It can be a git commit hash, or an OCI image digest. + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. type: string - errorSourceRefs: - description: errorSourceRefs track the origination(s) of errors when the condition type is Syncing. - items: - description: ErrorSource indicates the origination of errors. - type: string - type: array errorSummary: - description: errorSummary summarizes the errors in the `errors` field when the condition type is Reconciling or Stalled, and summarizes the errors referred in the `errorsSourceRefs` field when the condition type is Syncing. + description: errorSummary summarizes the errors encountered during the process of syncing the resources. properties: errorCountAfterTruncation: description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. 
@@ -964,7 +610,7 @@ spec: type: boolean type: object errors: - description: errors is a list of errors that occurred in the process. This field is used to track errors when the condition type is Reconciling or Stalled. When the condition type is Syncing, the `errorSourceRefs` field is used instead to avoid duplicating errors between `status.conditions` and `status.rendering|source|sync`. + description: errors is a list of any errors that occurred while applying the resources from the change indicated by Commit. items: description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. properties: @@ -989,9 +635,9 @@ spec: version: type: string required: - - group - - kind - - version + - group + - kind + - version type: object name: description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. 
@@ -1005,368 +651,722 @@ spec: type: object type: array required: - - code - - errorMessage + - code + - errorMessage type: object type: array - lastTransitionTime: - description: Last time the condition transitioned from one status to another. + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. + properties: + branch: + description: branch is the git branch being fetched + type: string + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. + type: string + required: + - branch + - dir + - repo + - revision + type: object + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. format: date-time nullable: true type: string - lastUpdateTime: - description: The last time this condition was updated. - format: date-time - nullable: true + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. + properties: + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' + type: string + image: + description: image is the OCI image repository URL for the package to sync from. 
+ type: string + required: + - dir + - image + type: object + type: object + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.rendering.commit + name: RenderingCommit + type: string + - jsonPath: .status.rendering.errorSummary.totalCount + name: RenderingErrorCount + type: integer + - jsonPath: .status.source.commit + name: SourceCommit + type: string + - jsonPath: .status.source.errorSummary.totalCount + name: SourceErrorCount + type: integer + - jsonPath: .status.sync.commit + name: SyncCommit + type: string + - jsonPath: .status.sync.errorSummary.totalCount + name: SyncErrorCount + type: integer + name: v1beta1 + schema: + openAPIV3Schema: + description: RootSync is the Schema for the rootsyncs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RootSyncSpec defines the desired state of RootSync + properties: + git: + description: git contains configuration specific to importing resources from a Git repo. + properties: + auth: + description: auth is the type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, or none. The validation of this is case-sensitive. Required. 
+ enum: + - ssh + - cookiefile + - gcenode + - gcpserviceaccount + - token + - none type: string - message: - description: A human readable message indicating details about the transition. + branch: + description: 'branch is the git branch to checkout. Default: "master".' type: string - reason: - description: The reason for the condition's last transition. + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repo.' type: string - status: - description: status of the condition, one of True, False, Unknown. + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' type: string - type: - description: type of RootSync condition. + noSSLVerify: + description: 'noSSLVerify specifies whether to enable or disable the SSL certificate verification. Default: false. If noSSLVerify is set to true, it tells Git to skip the SSL certificate verification.' + type: boolean + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' type: string - required: - - status - - type - type: object - type: array - lastSyncedCommit: - description: lastSyncedCommit describes the most recent hash that is successfully synced. It can be a git commit hash, or an OCI image digest. - type: string - observedGeneration: - description: observedGeneration is the most recent generation observed for the sync resource. 
It corresponds to the it's generation, which is updated on mutation by the API Server. - format: int64 - type: integer - reconciler: - description: reconciler is the name of the reconciler process which corresponds to the sync resource. - type: string - rendering: - description: rendering contains fields describing the status of rendering resources from the source of truth. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of rendering the source of truth. - properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. - type: boolean - type: object - errors: - description: errors is a list of any errors that occurred while rendering the source of truth. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + proxy: + description: proxy specifies an HTTPS proxy for accessing the Git repo. Only has an effect when secretType is one of ("cookiefile", "none", "token"). 
When secretType is "cookiefile" or "token", if your HTTPS proxy URL contains sensitive information such as a username or password and you need to hide the sensitive information, you can leave this field empty and add the URL for the HTTPS proxy into the same Secret used for the Git credential via `kubectl create secret ... --from-literal=https_proxy=HTTPS_PROXY_URL`. Optional. + type: string + repo: + description: repo is the git repository URL to sync from. Required. + type: string + revision: + description: 'revision is the git revision (tag, ref or commit) to fetch. Default: "HEAD".' + type: string + secretRef: + description: secretRef is the secret used to connect to the Git source of truth. properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + name: + description: name represents the secret name. type: string - errorMessage: - description: errorMessage describes the error that occurred. - type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. - items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - properties: - group: - type: string - kind: - type: string - version: - type: string - required: - - group - - kind - - version - type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. 
- type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array - required: - - code - - errorMessage type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched - type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' - type: string - repo: - description: repo is the git repository URL being synced from. - type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. - type: string - required: - - branch - - dir + required: + - auth - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. - format: date-time - nullable: true - type: string - message: - description: Human-readable message describes details about the rendering status. - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. - properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' - type: string - image: - description: image is the OCI image repository URL for the package to sync from. + type: object + helm: + description: helm contains configuration specific to importing resources from a Helm repo. + properties: + auth: + description: auth specifies the type to authenticate to the Helm repository. Must be one of secret, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. 
+ enum: + - none + - gcpserviceaccount + - token + type: string + chart: + description: chart is a Helm chart name. Required. + type: string + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when spec.helm.auth: gcpserviceaccount.' + type: string + includeCRDs: + description: 'includeCRDs specifies if Helm template should also generate CustomResourceDefinitions. If IncludeCRDs is set to false, no CustomeResourceDefinition will be generated. Default: false.' + type: boolean + namespace: + description: namespace sets the target namespace for a release + type: string + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Chart will not be re-synced if version is specified and it is not "latest"' + type: string + releaseName: + description: releaseName is the name of the Helm release. + type: string + repo: + description: repo is the helm repository URL to sync from. Required. + type: string + secretRef: + description: secretRef holds the authentication secret for accessing the Helm repository. + properties: + name: + description: name represents the secret name. + type: string + type: object + values: + description: values to use instead of default values that accompany the chart + type: object + valuesFiles: + description: valuesFiles is a list of path to Helm value files. Values files must be in the same repository with the Helm chart. And the paths here are absolute path from the root directory of the repository + items: type: string - required: - - dir + type: array + version: + description: version is the chart version. 
If this is not specified, the latest version is used + type: string + required: + - auth + - chart + - repo + type: object + oci: + description: oci contains configuration specific to importing resources from an OCI package. + properties: + auth: + description: auth is the type of secret configured for access to the OCI package. Must be one of gcenode, gcpserviceaccount, or none. The validation of this is case-sensitive. Required. + enum: + - gcenode + - gcpserviceaccount + - none + type: string + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the image.' + type: string + gcpServiceAccountEmail: + description: 'gcpServiceAccountEmail specifies the GCP service account used to annotate the RootSync/RepoSync controller Kubernetes Service Account. Note: The field is used when secretType: gcpServiceAccount.' + type: string + image: + description: 'image is the OCI image repository URL for the package to sync from. e.g. `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME`. The image can be pulled by TAG or by DIGEST if it is specified in PACKAGE_NAME. - Pull by tag: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME:TAG`. - Pull by digest: `LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME@sha256:DIGEST`. If neither TAG nor DIGEST is specified, it pulls with the `latest` tag by default. Required' + type: string + period: + description: 'period is the time duration between consecutive syncs. Default: 15s. Note to developers that customers specify this value using string (https://golang.org/pkg/time/#Duration.String) like "3s" in their Custom Resource YAML. However, time.Duration is at a nanosecond granularity, and it is easy to introduce a bug where it looks like the code is dealing with seconds but its actually nanoseconds (or vice versa).' 
+ type: string + required: + - auth - image - type: object - type: object - source: - description: source contains fields describing the status of a *Sync's source of truth. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of reading from the source of truth. + type: object + override: + description: override allows to override the settings for a root reconciler. + nullable: true + properties: + enableShellInRendering: + description: 'enableShellInRendering specifies whether to enable or disable the shell access in rendering process. Default: false. Kustomize remote bases requires shell access. Setting this field to true will enable shell in the rendering process and support pulling remote bases from public repositories.' + type: boolean + gitSyncDepth: + description: gitSyncDepth allows one to override the number of git commits to fetch. Must be no less than 0. Config Sync would do a full clone if this field is 0, and a shallow clone if this field is greater than 0. If this field is not provided, Config Sync would configure it automatically. + format: int64 + minimum: 0 + type: integer + reconcileTimeout: + description: 'reconcileTimeout allows one to override the threshold for how long to wait for all resources to reconcile before giving up. Default: 5m. Use string to specify this field value, like "30s", "5m". More details about valid inputs: https://pkg.go.dev/time#ParseDuration. Recommended reconcileTimeout range is from "10s" to "1h".' + type: string + resources: + description: resources allow one to override the resource requirements for the containers in a reconciler pod. 
+ items: + description: ContainerResourcesSpec allows to override the resource requirements for a container + properties: + containerName: + description: containerName specifies the name of a container whose resource requirements will be overridden. Must be "reconciler", "git-sync", "hydration-controller", or "oci-sync". + pattern: ^(reconciler|git-sync|hydration-controller|oci-sync)$ + type: string + cpuLimit: + anyOf: + - type: integer + - type: string + description: cpuLimit allows one to override the CPU limit of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + cpuRequest: + anyOf: + - type: integer + - type: string + description: cpuRequest allows one to override the CPU request of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memoryLimit: + anyOf: + - type: integer + - type: string + description: memoryLimit allows one to override the memory limit of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + memoryRequest: + anyOf: + - type: integer + - type: string + description: memoryRequest allows one to override the memory request of a container + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + type: array + statusMode: + description: statusMode controls whether the actuation status such as apply failed or not should be embedded into the ResourceGroup object. Must be "enabled" or "disabled". If set to "enabled", it increases the size of the ResourceGroup object. 
+ pattern: ^(enabled|disabled|)$ + type: string + type: object + sourceFormat: + description: "sourceFormat specifies how the repository is formatted. See documentation for specifics of what these options do. \n Must be one of hierarchy, unstructured. Optional. Set to hierarchy if not specified. \n The validation of this is case-sensitive." + pattern: ^(hierarchy|unstructured|)$ + type: string + sourceType: + default: git + description: "sourceType specifies the type of the source of truth. \n Must be one of git, oci, helm. Optional. Set to git if not specified." + pattern: ^(git|oci|helm)$ + type: string + type: object + status: + description: RootSyncStatus defines the observed state of RootSync + properties: + conditions: + description: conditions represents the latest available observations of the RootSync's current state. + items: + description: RootSyncCondition describes the state of a RootSync at a certain point. properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. - type: boolean - type: object - errors: - description: errors is a list of any errors that occurred while reading from the source of truth. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. - properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". 
- type: string - errorMessage: - description: errorMessage describes the error that occurred. + commit: + description: hash of the source of truth. It can be a git commit hash, or an OCI image digest. + type: string + errorSourceRefs: + description: errorSourceRefs track the origination(s) of errors when the condition type is Syncing. + items: + description: ErrorSource indicates the origination of errors. type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. - items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + type: array + errorSummary: + description: errorSummary summarizes the errors in the `errors` field when the condition type is Reconciling or Stalled, and summarizes the errors referred in the `errorsSourceRefs` field when the condition type is Syncing. + properties: + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean + type: object + errors: + description: errors is a list of errors that occurred in the process. This field is used to track errors when the condition type is Reconciling or Stalled. 
When the condition type is Syncing, the `errorSourceRefs` field is used instead to avoid duplicating errors between `status.conditions` and `status.rendering|source|sync`. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. + type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. + items: + description: ResourceRef contains the identification bits of a single managed resource. properties: - group: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. type: string - kind: + namespace: + description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. type: string - version: + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. type: string - required: - - group - - kind - - version type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. 
- type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. - type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array - required: - - code - - errorMessage - type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched + type: array + required: + - code + - errorMessage + type: object + type: array + lastTransitionTime: + description: Last time the condition transitioned from one status to another. + format: date-time + nullable: true type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + lastUpdateTime: + description: The last time this condition was updated. + format: date-time + nullable: true type: string - repo: - description: repo is the git repository URL being synced from. + message: + description: A human readable message indicating details about the transition. type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. + reason: + description: The reason for the condition's last transition. type: string - required: - - branch - - dir - - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. - format: date-time - nullable: true - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. 
- properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' + status: + description: status of the condition, one of True, False, Unknown. type: string - image: - description: image is the OCI image repository URL for the package to sync from. + type: + description: type of RootSync condition. type: string required: - - dir - - image - type: object - type: object - sync: - description: sync contains fields describing the status of syncing resources from the source of truth to the cluster. - properties: - commit: - description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. - type: string - errorSummary: - description: errorSummary summarizes the errors encountered during the process of syncing the resources. - properties: - errorCountAfterTruncation: - description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. - type: integer - totalCount: - description: totalCount tracks the total number of errors. - type: integer - truncated: - description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. - type: boolean + - status + - type type: object - errors: - description: errors is a list of any errors that occurred while applying the resources from the change indicated by Commit. - items: - description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + type: array + lastSyncedCommit: + description: lastSyncedCommit describes the most recent hash that is successfully synced. It can be a git commit hash, or an OCI image digest. 
+ type: string + observedGeneration: + description: observedGeneration is the most recent generation observed for the sync resource. It corresponds to the it's generation, which is updated on mutation by the API Server. + format: int64 + type: integer + reconciler: + description: reconciler is the name of the reconciler process which corresponds to the sync resource. + type: string + rendering: + description: rendering contains fields describing the status of rendering resources from the source of truth. + properties: + commit: + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. + type: string + errorSummary: + description: errorSummary summarizes the errors encountered during the process of rendering the source of truth. + properties: + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean + type: object + errors: + description: errors is a list of any errors that occurred while rendering the source of truth. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. 
+ type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. + items: + description: ResourceRef contains the identification bits of a single managed resource. + properties: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + type: string + namespace: + description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. + type: string + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. + type: string + type: object + type: array + required: + - code + - errorMessage + type: object + type: array + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. properties: - code: - description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + branch: + description: branch is the git branch being fetched type: string - errorMessage: - description: errorMessage describes the error that occurred. + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. 
type: string - errorResources: - description: errorResources describes the resources associated with this error, if any. - items: - description: ResourceRef contains the identification bits of a single managed resource. - properties: - gvk: - description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - properties: - group: - type: string - kind: - type: string - version: - type: string - required: - - group - - kind - - version - type: object - name: - description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. - type: string - namespace: - description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. - type: string - sourcePath: - description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. - type: string - type: object - type: array required: - - code - - errorMessage + - branch + - dir + - repo + - revision type: object - type: array - gitStatus: - description: gitStatus contains fields describing the status of a Git source of truth. - properties: - branch: - description: branch is the git branch being fetched - type: string - dir: - description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' - type: string - repo: - description: repo is the git repository URL being synced from. - type: string - revision: - description: revision is the git revision (tag, ref, or commit) being fetched. 
- type: string - required: - - branch - - dir - - repo - - revision - type: object - lastUpdate: - description: lastUpdate is the timestamp of when this status was last updated by a reconciler. - format: date-time - nullable: true - type: string - ociStatus: - description: ociStatus contains fields describing the status of an OCI source of truth. - properties: - dir: - description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' - type: string - image: - description: image is the OCI image repository URL for the package to sync from. - type: string - required: - - dir - - image - type: object - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. + format: date-time + nullable: true + type: string + message: + description: Human-readable message describes details about the rendering status. + type: string + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. + properties: + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' + type: string + image: + description: image is the OCI image repository URL for the package to sync from. + type: string + required: + - dir + - image + type: object + type: object + source: + description: source contains fields describing the status of a *Sync's source of truth. + properties: + commit: + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. + type: string + errorSummary: + description: errorSummary summarizes the errors encountered during the process of reading from the source of truth. 
+ properties: + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean + type: object + errors: + description: errors is a list of any errors that occurred while reading from the source of truth. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. + type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. + items: + description: ResourceRef contains the identification bits of a single managed resource. + properties: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + type: string + namespace: + description: namespace is the namespace of the affected K8S resource. 
This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. + type: string + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. + type: string + type: object + type: array + required: + - code + - errorMessage + type: object + type: array + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. + properties: + branch: + description: branch is the git branch being fetched + type: string + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. + type: string + required: + - branch + - dir + - repo + - revision + type: object + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. + format: date-time + nullable: true + type: string + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. + properties: + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' + type: string + image: + description: image is the OCI image repository URL for the package to sync from. + type: string + required: + - dir + - image + type: object + type: object + sync: + description: sync contains fields describing the status of syncing resources from the source of truth to the cluster. + properties: + commit: + description: hash of the source of truth that is rendered. It can be a git commit hash, or an OCI image digest. 
+ type: string + errorSummary: + description: errorSummary summarizes the errors encountered during the process of syncing the resources. + properties: + errorCountAfterTruncation: + description: errorCountAfterTruncation tracks the number of errors in the `Errors` field. + type: integer + totalCount: + description: totalCount tracks the total number of errors. + type: integer + truncated: + description: truncated indicates whether the `Errors` field includes all the errors. If `true`, the `Errors` field does not includes all the errors. If `false`, the `Errors` field includes all the errors. The size limit of a RootSync/RepoSync object is 2MiB. The status update would fail with the `ResourceExhausted` rpc error if there are too many errors. + type: boolean + type: object + errors: + description: errors is a list of any errors that occurred while applying the resources from the change indicated by Commit. + items: + description: ConfigSyncError represents an error that occurs while parsing, applying, or remediating a resource. + properties: + code: + description: code is the error code of this particular error. Error codes are numeric strings, like "1012". + type: string + errorMessage: + description: errorMessage describes the error that occurred. + type: string + errorResources: + description: errorResources describes the resources associated with this error, if any. + items: + description: ResourceRef contains the identification bits of a single managed resource. + properties: + gvk: + description: gvk is the GroupVersionKind of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + name: + description: name is the name of the affected K8S resource. This field may be empty for errors that are not associated with a specific resource. 
+ type: string + namespace: + description: namespace is the namespace of the affected K8S resource. This field may be empty for errors that are associated with a cluster-scoped resource or not associated with a specific resource. + type: string + sourcePath: + description: sourcePath is the repo-relative slash path to where the config is defined. This field may be empty for errors that are not associated with a specific config file. + type: string + type: object + type: array + required: + - code + - errorMessage + type: object + type: array + gitStatus: + description: gitStatus contains fields describing the status of a Git source of truth. + properties: + branch: + description: branch is the git branch being fetched + type: string + dir: + description: 'dir is the path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository' + type: string + repo: + description: repo is the git repository URL being synced from. + type: string + revision: + description: revision is the git revision (tag, ref, or commit) being fetched. + type: string + required: + - branch + - dir + - repo + - revision + type: object + lastUpdate: + description: lastUpdate is the timestamp of when this status was last updated by a reconciler. + format: date-time + nullable: true + type: string + ociStatus: + description: ociStatus contains fields describing the status of an OCI source of truth. + properties: + dir: + description: 'dir is the absolute path of the directory that contains the local resources. Default: the root directory of the repository' + type: string + image: + description: image is the OCI image repository URL for the package to sync from. + type: string + required: + - dir + - image + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-approval.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-approval.yaml index 485aaad..b902eed 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrole-approval.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-approval.yaml @@ -12,31 +12,31 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-approval-role rules: -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisions - - packagerevisions/status - - packagerevisions/approval - verbs: - - get - - list - - watch - - patch - - update -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - - packagevariants/status - verbs: - - get - - list - - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisions + - packagerevisions/status + - packagerevisions/approval + verbs: + - get + - list + - watch + - patch + - update + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + - packagevariants/status + verbs: + - get + - list + - watch diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-bootstrap.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-bootstrap.yaml index c9b56d8..374421f 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrole-bootstrap.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-bootstrap.yaml 
@@ -12,44 +12,44 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-bootstrap-role rules: -- apiGroups: - - cluster.x-k8s.io - resources: - - clusters - verbs: - - get - - list - - watch -- apiGroups: - - '*' - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - - packagerevisions - verbs: - - get - - list - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - repositories - verbs: - - get - - list - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources/status - - packagerevisions/status - - packagerevisions/approval - verbs: - - get + - apiGroups: + - cluster.x-k8s.io + resources: + - clusters + verbs: + - get + - list + - watch + - apiGroups: + - '*' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + - packagerevisions + verbs: + - get + - list + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - repositories + verbs: + - get + - list + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources/status + - packagerevisions/status + - packagerevisions/approval + verbs: + - get diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-network.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-network.yaml index a6279b9..cadb131 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrole-network.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-network.yaml 
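Review bot: The second rule of nephio-controller-bootstrap-role grants get/list/watch on `secrets` with `apiGroups: ['*']`, which, once bound through a ClusterRoleBinding, lets the controller read every Secret in every namespace. Secrets live in the core group, so `- ""` states the intent exactly and avoids matching any aggregated API that also exposes a resource named secrets. The same wildcard appears on `services` in clusterrole-repository.yaml and clusterrole-token.yaml. If the controller only needs bootstrap Secrets from known namespaces (not visible from this hunk), a namespaced Role and RoleBinding would narrow this further. The change here is indentation only, so this applies to the rule as it already stood; the ClusterRole header sits above the hunk.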
@@ -12,159 +12,159 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-network-role rules: -- apiGroups: - - inv.nephio.org - resources: - - links - - nodes - - endpoints - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - links/status - - nodes/status - - endpoints/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - networkinstances - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - networkinstances/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanindices - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanindices/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - - networks/status - - repositories - - repositories/status - - tokens - - tokens/status - - workloadclusters - - 
workloadclusters/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - inv.nephio.org + resources: + - links + - nodes + - endpoints + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - links/status + - nodes/status + - endpoints/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - networkinstances + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - networkinstances/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - vlan.resource.nephio.org + resources: + - vlanindices + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - vlan.resource.nephio.org + resources: + - vlanindices/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + - networks/status + - repositories + - repositories/status + - tokens + - tokens/status + - workloadclusters + - 
workloadclusters/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-porch.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-porch.yaml index 8231d34..8990727 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrole-porch.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-porch.yaml 
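Review bot: The first two rules of nephio-controller-network-role use different API groups for what look like the same kinds: `links`, `nodes` and `endpoints` are granted under `inv.nephio.org`, while `links/status`, `nodes/status` and `endpoints/status` are granted under `infra.nephio.org`. If the status subresources belong to `inv.nephio.org`, the second rule grants nothing useful and status updates would be denied; it should then read `- inv.nephio.org`. The `config.nephio.org` and `infra.nephio.org` rules for `networks` are each repeated further down in a combined form. The final rule also covers `repositories`, `tokens` and `workloadclusters`, which is wider than the role name suggests. Dropping the duplicates and the unrelated resources would make the grant easier to audit.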
@@ -12,62 +12,62 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-porch-role rules: -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - - packagerevisions - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources/status - - packagerevisions/status - - packagerevisions/approval - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - networks - - networks/status - - repositories - - repositories/status - - tokens - - tokens/status - - workloadclusters - - workloadclusters/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + - packagerevisions + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources/status + - packagerevisions/status + - packagerevisions/approval + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - networks + - networks/status + - repositories + - repositories/status + - tokens + - tokens/status + - workloadclusters + - workloadclusters/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-repository.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-repository.yaml index 149a51d..241c0ff 100644 
--- a/nephio/core/nephio-operator/app/controller/clusterrole-repository.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-repository.yaml @@ -12,35 +12,35 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-repository-role rules: -- apiGroups: - - '*' - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - infra.nephio.org - resources: - - repositories - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - repositories/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - infra.nephio.org + resources: + - repositories + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - repositories/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/core/nephio-operator/app/controller/clusterrole-token.yaml b/nephio/core/nephio-operator/app/controller/clusterrole-token.yaml index 8a64ab3..8f08800 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrole-token.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrole-token.yaml 
@@ -12,47 +12,47 @@ metadata: app.kubernetes.io/version: tbd name: nephio-controller-token-role rules: -- apiGroups: - - '*' - resources: - - services - verbs: - - get - - list - - watch -- apiGroups: - - infra.nephio.org - resources: - - tokens - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - infra.nephio.org - resources: - - tokens/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - infra.nephio.org + resources: + - tokens + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - infra.nephio.org + resources: + - tokens/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-approval.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-approval.yaml index a07907a..641614d 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-approval.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-approval.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-approval-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-bootstrap.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-bootstrap.yaml index 5f0c698..168e212 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-bootstrap.yaml 
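Review bot: The last rule of nephio-controller-token-role gives get, list, watch, update, patch, create and delete on core `secrets` cluster-wide, which is write access to every Secret in the cluster rather than only the ones this controller creates. Every clusterrolebinding-*.yaml hunk in this patch binds its role to the same subject, `nephio-controller` in `nephio-system`, so splitting the permissions into seven roles does not separate them at runtime: any pod running under that account holds the union. Consider a dedicated ServiceAccount for the token controller and a namespaced Role for the Secrets it manages. Whether deployment-token-controller.yaml already uses a different account is not visible here.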
+++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-bootstrap.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-bootstrap-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-controller.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-controller.yaml index b33abe8..1351bd0 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-controller.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-controller.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-controller-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-network.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-network.yaml index 9778f6a..e40a9f2 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-network.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-network.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-network-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-porch.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-porch.yaml index 7b53294..7cacc14 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-porch.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-porch.yaml 
@@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-porch-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-repository.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-repository.yaml index 0304fe7..4759cf2 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-repository.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-repository.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-repository-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/clusterrolebinding-token.yaml b/nephio/core/nephio-operator/app/controller/clusterrolebinding-token.yaml index b809ec8..bb9ee75 100644 --- a/nephio/core/nephio-operator/app/controller/clusterrolebinding-token.yaml +++ b/nephio/core/nephio-operator/app/controller/clusterrolebinding-token.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: nephio-controller-token-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/app/controller/deployment-controller.yaml b/nephio/core/nephio-operator/app/controller/deployment-controller.yaml index a99c282..aacaaf9 100644 --- a/nephio/core/nephio-operator/app/controller/deployment-controller.yaml +++ b/nephio/core/nephio-operator/app/controller/deployment-controller.yaml 
@@ -26,92 +26,92 @@ spec: namespace: nephio-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: GIT_URL - value: http://172.18.0.200:3000 - - name: GIT_NAMESPACE - value: gitea - - name: ENABLE_APPROVAL - value: "true" - - name: ENABLE_REPOSITORIES - value: "true" - - name: ENABLE_BOOTSTRAPSECRETS - value: "true" - - name: ENABLE_BOOTSTRAPPACKAGES - value: "true" - - name: ENABLE_GENERICSPECIALIZER - value: "true" - - name: ENABLE_NETWORKS - value: "true" - - name: CLIENT_PROXY_ADDRESS - value: resource-backend-controller-grpc-svc.backend-system.svc.cluster.local:9999 - image: docker.io/nephio/nephio-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: 
gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: GIT_URL + value: http://172.18.0.200:3000 + - name: GIT_NAMESPACE + value: gitea + - name: ENABLE_APPROVAL + value: "true" + - name: ENABLE_REPOSITORIES + value: "true" + - name: ENABLE_BOOTSTRAPSECRETS + value: "true" + - name: ENABLE_BOOTSTRAPPACKAGES + value: "true" + - name: ENABLE_GENERICSPECIALIZER + value: "true" + - name: ENABLE_NETWORKS + value: "true" + - name: CLIENT_PROXY_ADDRESS + value: resource-backend-controller-grpc-svc.backend-system.svc.cluster.local:9999 + image: docker.io/nephio/nephio-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: nephio-controller status: {} diff --git a/nephio/core/nephio-operator/app/controller/deployment-token-controller.yaml b/nephio/core/nephio-operator/app/controller/deployment-token-controller.yaml index c6e3444..b3b61e4 100644 --- a/nephio/core/nephio-operator/app/controller/deployment-token-controller.yaml 
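Review bot: The kube-rbac-proxy container runs with `- --v=10`, a very high log verbosity, in a component that authenticates the bearer token on each metrics request. At that level Kubernetes client libraries log request and response detail, so credentials may end up in pod logs (worth confirming for this proxy version); a production manifest would normally use `- --v=0`. The same container has `resources: {}` and no `securityContext`, unlike the `controller` container below it, and both images are referenced by tag only rather than by digest. The identical arguments appear in the deployment-token-controller.yaml hunk that starts at the end of this page.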
+++ b/nephio/core/nephio-operator/app/controller/deployment-token-controller.yaml 
@@ -26,80 +26,80 @@ spec: namespace: nephio-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: GIT_URL - value: http://172.18.0.200:3000 - - name: GIT_NAMESPACE - value: gitea - - name: ENABLE_TOKENS - value: "true" - image: docker.io/nephio/nephio-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - 
name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: GIT_URL + value: http://172.18.0.200:3000 + - name: GIT_NAMESPACE + value: gitea + - name: ENABLE_TOKENS + value: "true" + image: docker.io/nephio/nephio-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: nephio-controller status: {} diff --git a/nephio/core/nephio-operator/app/controller/role-leader-election.yaml b/nephio/core/nephio-operator/app/controller/role-leader-election.yaml index 197e028..b761501 100644 --- a/nephio/core/nephio-operator/app/controller/role-leader-election.yaml +++ b/nephio/core/nephio-operator/app/controller/role-leader-election.yaml 
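Review bot: The `kube-rbac-proxy` sidecar on the new side still runs with `--v=10`, a debug verbosity at which the proxy's Kubernetes client can log request and response detail. That may put the bearer tokens it submits for review into the pod log, readable by anyone with log access. Since these lines are being rewritten anyway, I would lower it to `- --v=0` unless the debug output is needed in the sandbox. The same container has `resources: {}` and no `securityContext`, while the `controller` container beside it sets `allowPrivilegeEscalation: false` and drops `ALL` capabilities; mirroring that block on the sidecar would keep the two consistent. The hunk is only a re-indentation, so if these manifests are regenerated from an upstream package the fix belongs there, otherwise the next update would overwrite it.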
@@ -13,34 +13,34 @@ metadata: name: nephio-controller-leader-election-role namespace: nephio-system rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/nephio/core/nephio-operator/app/controller/rolebinding-leader-election.yaml b/nephio/core/nephio-operator/app/controller/rolebinding-leader-election.yaml index aeb4d38..0a6c297 100644 --- a/nephio/core/nephio-operator/app/controller/rolebinding-leader-election.yaml +++ b/nephio/core/nephio-operator/app/controller/rolebinding-leader-election.yaml @@ -17,6 +17,6 @@ roleRef: kind: Role name: nephio-controller-leader-election-role subjects: -- kind: ServiceAccount - name: nephio-controller - namespace: nephio-system + - kind: ServiceAccount + name: nephio-controller + namespace: nephio-system diff --git a/nephio/core/nephio-operator/crd/bases/config.nephio.org_networks.yaml b/nephio/core/nephio-operator/crd/bases/config.nephio.org_networks.yaml index c0c57c1..77c4a02 100644 --- a/nephio/core/nephio-operator/crd/bases/config.nephio.org_networks.yaml +++ b/nephio/core/nephio-operator/crd/bases/config.nephio.org_networks.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -10,129 +9,103 @@ spec: group: config.nephio.org names: categories: - - nephio - - config + - nephio + - config kind: Network listKind: NetworkList plural: networks singular: network scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Network is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkSpec defines the desired state of Network Configuration - properties: - config: - description: Config defines the configuration to be applied to a target - device - type: object - x-kubernetes-preserve-unknown-fields: true - lifecycle: - description: Lifecycle determines the lifecycle policies the resource - e.g. delete is orphan or delete will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the - underlying resource when this resource is deleted - either "delete" - or "orphan" the resource. - enum: - - delete - - orphan - type: string - type: object - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Network is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkSpec defines the desired state of Network Configuration + properties: + config: + description: Config defines the configuration to be applied to a target device + type: object + x-kubernetes-preserve-unknown-fields: true + lifecycle: + description: Lifecycle determines the lifecycle policies the resource e.g. delete is orphan or delete will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. 
For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - lastAppliedConfig: - description: LastAppliedConfig defines the configuration that was - last applied to the target device - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastAppliedConfig: + description: LastAppliedConfig defines the configuration that was last applied to the target device + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_clustercontexts.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_clustercontexts.yaml index ebd4522..831c8bf 100644 --- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_clustercontexts.yaml +++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_clustercontexts.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,47 +14,42 @@ spec: singular: clustercontext scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: ClusterContext is the Schema for the clustercontexts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ClusterContextSpec defines the desired state of ClusterContext - properties: - cniConfig: - description: CNIConfig contains the details of CNI configuration for - this cluster - properties: - cniType: - type: string - masterInterface: - type: string - required: - - cniType - - masterInterface - type: object - siteCode: - description: SiteCode identifies this cluster's location - type: string - type: object - status: - description: ClusterContextStatus defines the observed state of ClusterContext - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterContext is the Schema for the clustercontexts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterContextSpec defines the desired state of ClusterContext + properties: + cniConfig: + description: CNIConfig contains the details of CNI configuration for this cluster + properties: + cniType: + type: string + masterInterface: + type: string + required: + - cniType + - masterInterface + type: object + siteCode: + description: SiteCode identifies this cluster's location + type: string + type: object + status: + description: ClusterContextStatus defines the observed state of ClusterContext + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networkconfigs.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networkconfigs.yaml index f8348ad..37ab980 100644 --- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networkconfigs.yaml +++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networkconfigs.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -10,135 +9,113 @@ spec: group: infra.nephio.org names: categories: - - nephio - - network + - nephio + - network kind: NetworkConfig listKind: NetworkConfigList plural: networkconfigs singular: networkconfig scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: NetworkConfig is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkConfigSpec defines the desired state of NetworkConfig - properties: - prefixLengths: - description: PrefixLengths define the prefix lengths for ipv4 and - ipv6 configuration elements - properties: - ipv4: - description: IPv4 defines the ipv4 prefixlengths - properties: - interfaceExternal: - default: 24 - type: integer - interfaceInternal: - default: 31 - type: integer - pool: - default: 16 - type: integer - type: object - ipv6: - description: IPv6 defines the ipv6 prefixlengths + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkConfig is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkConfigSpec defines the desired state of NetworkConfig + properties: + prefixLengths: + description: PrefixLengths define the prefix lengths for ipv4 and ipv6 configuration elements + properties: + ipv4: + description: IPv4 defines the ipv4 prefixlengths + properties: + interfaceExternal: + default: 24 + type: integer + interfaceInternal: + default: 31 + type: integer + pool: + default: 16 + type: integer + type: object + ipv6: + description: IPv6 defines the ipv6 prefixlengths + properties: + interfaceExternal: + default: 64 + type: integer + interfaceInternal: + default: 127 + type: integer + pool: + default: 48 + type: integer + type: object + type: object + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: properties: - interfaceExternal: - default: 64 - type: integer - interfaceInternal: - default: 127 - type: integer - pool: - default: 48 + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - type: object - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: {} + type: array + type: object + type: object + served: true + storage: true + subresources: {} diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networks.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networks.yaml index e821fcb..2acf70d 100644 
--- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networks.yaml +++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_networks.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -10,324 +9,251 @@ spec: group: infra.nephio.org names: categories: - - nephio - - network + - nephio + - network kind: Network listKind: NetworkList plural: networks singular: network scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Network is the Schema for the Network API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkSpec defines the desired state of Network - properties: - bridgeDomains: - description: BridgeDomains define a set of logical ports that share - the same flooding or broadcast characteristics. Like a virtual LAN - (VLAN), a bridge domain spans one or more ports of multiple devices. 
- items: - properties: - interfaces: - description: Interfaces defines the interfaces belonging to - the bridge domain - items: - properties: - attachmentType: - description: 'AttachmentType defines the interface attachement: - vlan or none' - enum: - - none - - vlan - type: string - bridgeDomainName: - description: BridgeDomainName defines the name of the - bridgeDomain belonging to the interface - type: string - interfaceName: - description: InterfaceName defines the name of the interface - type: string - kind: - default: interface - description: Kind defines the kind of interface. Attached - to a routing table both interface and bridgedomain interfaces - are allowed. In a BridgeDomain only regular interfaces - are allowed - enum: - - interface - - bridgedomain - type: string - nodeName: - description: NodeName defines the name of the node the - interface belongs to interface - type: string - selector: - description: Selector defines the selector criterias for - the interface selection - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Network is the Schema for the Network API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkSpec defines the desired state of Network + properties: + bridgeDomains: + description: BridgeDomains define a set of logical ports that share the same flooding or broadcast characteristics. Like a virtual LAN (VLAN), a bridge domain spans one or more ports of multiple devices. + items: + properties: + interfaces: + description: Interfaces defines the interfaces belonging to the bridge domain + items: + properties: + attachmentType: + description: 'AttachmentType defines the interface attachement: vlan or none' + enum: + - none + - vlan + type: string + bridgeDomainName: + description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface + type: string + interfaceName: + description: InterfaceName defines the name of the interface + type: string + kind: + default: interface + description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. 
In a BridgeDomain only regular interfaces are allowed + enum: + - interface + - bridgedomain + type: string + nodeName: + description: NodeName defines the name of the node the interface belongs to interface + type: string + selector: + description: Selector defines the selector criterias for the interface selection + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - type: object - type: array - name: - description: Name defines the name of the bridge domain - type: string - required: - - name - type: object - type: array - routingTables: - description: RoutingTables defines a set of routes belonging to a - given routing instance Multiple routing tables are also called virtual - routing instances. Each virtual routing instance can hold overlapping - IP information A routing table supports both ipv4 and ipv6 - items: - properties: - interfaces: - description: Interfaces defines the interfaces belonging to - the routing table - items: - properties: - attachmentType: - description: 'AttachmentType defines the interface attachement: - vlan or none' - enum: - - none - - vlan - type: string - bridgeDomainName: - description: BridgeDomainName defines the name of the - bridgeDomain belonging to the interface - type: string - interfaceName: - description: InterfaceName defines the name of the interface - type: string - kind: - default: interface - description: Kind defines the kind of interface. Attached - to a routing table both interface and bridgedomain interfaces - are allowed. In a BridgeDomain only regular interfaces - are allowed - enum: - - interface - - bridgedomain - type: string - nodeName: - description: NodeName defines the name of the node the - interface belongs to interface - type: string - selector: - description: Selector defines the selector criterias for - the interface selection - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. 
- type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. - items: + type: object + x-kubernetes-map-type: atomic + required: + - kind + type: object + type: array + name: + description: Name defines the name of the bridge domain + type: string + required: + - name + type: object + type: array + routingTables: + description: RoutingTables defines a set of routes belonging to a given routing instance Multiple routing tables are also called virtual routing instances. Each virtual routing instance can hold overlapping IP information A routing table supports both ipv4 and ipv6 + items: + properties: + interfaces: + description: Interfaces defines the interfaces belonging to the routing table + items: + properties: + attachmentType: + description: 'AttachmentType defines the interface attachement: vlan or none' + enum: + - none + - vlan + type: string + bridgeDomainName: + description: BridgeDomainName defines the name of the bridgeDomain belonging to the interface + type: string + interfaceName: + description: InterfaceName defines the name of the interface + type: string + kind: + default: interface + description: Kind defines the kind of interface. Attached to a routing table both interface and bridgedomain interfaces are allowed. 
In a BridgeDomain only regular interfaces are allowed + enum: + - interface + - bridgedomain + type: string + nodeName: + description: NodeName defines the name of the node the interface belongs to interface + type: string + selector: + description: Selector defines the selector criterias for the interface selection + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - type: object - type: array - name: - description: Name defines the name of the routing table - type: string - prefixes: - description: Prefixes defines the prefixes belonging to the - routing table - items: - properties: - labels: - additionalProperties: + type: object + x-kubernetes-map-type: atomic + required: + - kind + type: object + type: array + name: + description: Name defines the name of the routing table + type: string + prefixes: + description: Prefixes defines the prefixes belonging to the routing table + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. 
- pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - required: - - name - - prefixes - type: object - type: array - topology: - description: Topology defines the topology to which this network applies - type: string - required: - - topology - type: object - status: - description: NetworkStatus defines the observed state of Network - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. 
- This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - prefix + type: object + type: array + required: + - name + - prefixes + type: object + type: array + topology: + description: Topology defines the topology to which this network applies + type: string + required: + - topology + type: object + status: + description: NetworkStatus defines the observed state of Network + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_repositories.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_repositories.yaml index be90aa4..5bdaf2f 100644 --- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_repositories.yaml 
+++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_repositories.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,144 +14,119 @@ spec: singular: repository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Repository is the Schema for the repository API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RepositorySpec defines the desired state of Repository - properties: - defaultBranch: - description: DefaultBranch of the repository (used when initializes - and in template) - type: string - description: - description: Description of the repository to create - type: string - gitignores: - description: Gitignores defines the Gitignores of the repository - type: string - issueLabels: - description: IssueLabels defines the Issue Label set to use - type: string - license: - description: License to use - type: string - lifecycle: - description: Lifecycle determines the deletion lifecycle policies - the resource will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the - underlying resource when this resource is deleted - either "delete" - or "orphan" the resource. 
- enum: - - delete - - orphan - type: string - type: object - private: - description: Private defines whether the repository is private - type: boolean - readme: - description: Readme of the repository to create - type: string - trustModel: - description: TrustModel of the repository - enum: - - default - - collaborator - - committer - - collaboratorcommitter - type: string - type: object - status: - description: RepositoryStatus defines the observed state of Repository - properties: - conditions: - description: Conditions of the resource. - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Repository is the Schema for the repository API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RepositorySpec defines the desired state of Repository + properties: + defaultBranch: + description: DefaultBranch of the repository (used when initializes and in template) + type: string + description: + description: Description of the repository to create + type: string + gitignores: + description: Gitignores defines the Gitignores of the repository + type: string + issueLabels: + description: IssueLabels defines the Issue Label set to use + type: string + license: + description: License to use + type: string + lifecycle: + description: Lifecycle determines the deletion lifecycle policies the resource will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. 
- This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - url: - description: URL is the url for the repo - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + private: + description: Private defines whether the repository is private + type: boolean + readme: + description: Readme of the repository to create + type: string + trustModel: + description: TrustModel of the repository + enum: + - default + - collaborator + - committer + - collaboratorcommitter + type: string + type: object + status: + description: RepositoryStatus defines the observed state of Repository + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + url: + description: URL is the url for the repo + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_tokens.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_tokens.yaml index 4a421ee..7b2ad1a 100644 --- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_tokens.yaml +++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_tokens.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,111 +14,87 @@ spec: singular: token scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: REPO_TOKEN_STATUS - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Token is the Schema for the repository token API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TokenSpec defines the desired state of Token - properties: - lifecycle: - description: Lifecycle determines the deletion lifecycle policies - the resource will follow - properties: - deletionPolicy: - default: delete - description: DeletionPolicy specifies what will happen to the - underlying resource when this resource is deleted - either "delete" - or "orphan" the resource. - enum: - - delete - - orphan - type: string - type: object - type: object - status: - description: TokenStatus defines the observed state of the Token - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: REPO_TOKEN_STATUS + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Token is the Schema for the repository token API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TokenSpec defines the desired state of Token + properties: + lifecycle: + description: Lifecycle determines the deletion lifecycle policies the resource will follow properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + deletionPolicy: + default: delete + description: DeletionPolicy specifies what will happen to the underlying resource when this resource is deleted - either "delete" or "orphan" the resource. enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - delete + - orphan type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: TokenStatus defines the observed state of the Token + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_workloadclusters.yaml b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_workloadclusters.yaml index bf1c5dc..0566583 100644 --- a/nephio/core/nephio-operator/crd/bases/infra.nephio.org_workloadclusters.yaml +++ b/nephio/core/nephio-operator/crd/bases/infra.nephio.org_workloadclusters.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,44 +14,39 @@ spec: singular: workloadcluster scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: WorkloadCluster is the Schema for the clustercontexts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: WorkloadClusterSpec defines the desired state of WorkloadCluster - properties: - clusterName: - description: ClusterName is the unique name for this cluster - type: string - cnis: - description: CNIs defines the CNIs required for the workload cluster - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: WorkloadCluster is the Schema for the clustercontexts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: WorkloadClusterSpec defines the desired state of WorkloadCluster + properties: + clusterName: + description: ClusterName is the unique name for this cluster type: string - type: array - masterInterface: - description: MasterInterface define the master interface for secondary - networking in the nodes on the cluster - type: string - type: object - status: - description: WorkloadClusterStatus defines the observed state of WorkloadCluster - type: object - type: object - served: true - storage: true - subresources: - status: {} + cnis: + description: CNIs defines the CNIs required for the workload cluster + items: + type: string + type: array + masterInterface: + description: MasterInterface define the master interface for secondary networking in the nodes on the cluster + type: string + type: object + status: + description: WorkloadClusterStatus defines the observed state of WorkloadCluster + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/req.nephio.org_capacities.yaml b/nephio/core/nephio-operator/crd/bases/req.nephio.org_capacities.yaml index db2c947..5469b46 100644 --- a/nephio/core/nephio-operator/crd/bases/req.nephio.org_capacities.yaml +++ b/nephio/core/nephio-operator/crd/bases/req.nephio.org_capacities.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,55 +14,46 @@ spec: singular: capacity scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be connected - to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control plane - expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed - in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - status: - type: object - type: object - served: true - storage: true + - name: v1alpha1 + schema: + 
openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s + type: integer + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + type: object + status: + type: object + type: object + served: true + storage: true 
diff --git a/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworknames.yaml b/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworknames.yaml index b6e26dd..4550cbd 100644 --- a/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworknames.yaml +++ b/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworknames.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,65 +14,56 @@ spec: singular: datanetworkname scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - networkInstanceReference: - description: NetworkInstance defines the networkInstance context to - which this DNN belongs - properties: - name: - description: Name is unique within a namespace to reference a - nfClass. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - pools: - description: Pools defines the parameters of the IP pool associated - with the DNN - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + networkInstanceReference: + description: NetworkInstance defines the networkInstance context to which this DNN belongs properties: name: - description: Name defines the name of the pool + description: Name is unique within a namespace to reference a nfClass. maxLength: 253 minLength: 1 type: string - prefixLength: - description: PrefixLength define the size of the pool - type: integer + namespace: + description: Namespace is the namespace of the referent. This field is required when referring to a Namespace-scoped resource and MUST be unset when referring to a Cluster-scoped resource. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name type: object - type: array - required: - - networkInstanceReference - type: object - status: - type: object - type: object - served: true - storage: true + pools: + description: Pools defines the parameters of the IP pool associated with the DNN + items: + properties: + name: + description: Name defines the name of the pool + maxLength: 253 + minLength: 1 + type: string + prefixLength: + description: PrefixLength define the size of the pool + type: integer + type: object + type: array + required: + - networkInstanceReference + type: object + status: + type: object + type: object + served: true + storage: true 
diff --git a/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworks.yaml b/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworks.yaml index d8783ed..241929d 100644 --- a/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworks.yaml +++ b/nephio/core/nephio-operator/crd/bases/req.nephio.org_datanetworks.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,180 +14,137 @@ spec: singular: datanetwork scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - networkInstance: - description: NetworkInstance defines the networkInstance context to - which this DNN belongs Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - pools: - description: Pools defines the parameters of the IP pool associated - with the DNN - items: + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + networkInstance: + description: NetworkInstance defines the networkInstance context to which this DNN belongs Name and optionally Namespace is used here properties: - ipFamily: - description: IPFamily defines the ip family of the pool - enum: - - ipv4 - - ipv6 + apiVersion: + description: API version of the referent. type: string - name: - description: Name defines the name of the pool - maxLength: 253 - minLength: 1 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - prefixLength: - description: PrefixLength define the size of the pool - type: integer - type: object - type: array - required: - - networkInstance - type: object - status: - properties: - pools: - description: Pools contains the statuses of individual pools - items: - properties: - ipClaim: - description: IPClaim holds the result of the IP claim belonging - to the pool - properties: - conditions: - description: Conditions of the resource. 
- items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the - condition transitioned from one status to another. - This should be when the underlying condition changed. If - that is not known, then using the time when the - API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty - string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the - .status.conditions[x].observedGeneration is 9, the - condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define - expected values and meanings for this field, and - whether the values are considered a guaranteed API. - The value should be a CamelCase string. This field - may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, - False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in - foo.example.com/CamelCase. --- Many .condition.type - values are consistent across resources like Available, - but because arbitrary conditions can be useful (see - .node.status.conditions), the ability to deconflict - is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed - prefix Gateway is only relevant for prefix kind = network - type: string - prefix: - description: Prefix defines the prefix, claimed through - the IPAM backend - type: string - type: object name: - description: Name of the pool + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object - type: array - type: object - type: object - served: true - storage: true + x-kubernetes-map-type: atomic + pools: + description: Pools defines the parameters of the IP pool associated with the DNN + items: + properties: + ipFamily: + description: IPFamily defines the ip family of the pool + enum: + - ipv4 + - ipv6 + type: string + name: + description: Name defines the name of the pool + maxLength: 253 + minLength: 1 + type: string + prefixLength: + description: PrefixLength define the size of the pool + type: integer + type: object + type: array + required: + - networkInstance + type: object + status: + properties: + pools: + description: Pools contains the statuses of individual pools + items: + properties: + ipClaim: + description: IPClaim holds the result of the IP claim belonging to the pool + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + name: + description: Name of the pool + type: string + type: object + type: array + type: object + type: object + served: true + storage: true diff --git a/nephio/core/nephio-operator/crd/bases/req.nephio.org_interfaces.yaml b/nephio/core/nephio-operator/crd/bases/req.nephio.org_interfaces.yaml index 20d1b80..82cd656 100644 --- a/nephio/core/nephio-operator/crd/bases/req.nephio.org_interfaces.yaml +++ b/nephio/core/nephio-operator/crd/bases/req.nephio.org_interfaces.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,250 +14,188 @@ spec: singular: interface scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TBD how do we distinguish the loopback from the vnic(s) - properties: - attachmentType: - description: AttachmentType defines if the interface is attached using - a vlan or not - enum: - - none - - vlan - type: string - cniType: - description: CNIType defines the cniType that is used to attach the - interface to the pod - enum: - - sriov - - ipvlan - - macvlan - type: string - ipFamilyPolicy: - description: IpFamilyPolicy defines the ip family policy on this interface - to determine single stack, dual stack - enum: - - none - - ipv6-only - - ipv4-only - - dual-stack - type: string - networkInstance: - description: NetworkInstance defines the networkInstance to which - this interface belongs Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. 
- For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - networkInstance - type: object - status: - properties: - ipClaimStatus: - items: - description: IPClaimStatus defines the observed state of IPClaim + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TBD how do we distinguish the loopback from the vnic(s) + properties: + attachmentType: + description: AttachmentType defines if the interface is attached using a vlan or not + enum: + - none + - vlan + type: string + cniType: + description: CNIType defines the cniType that is used to attach the interface to the pod + enum: + - sriov + - ipvlan + - macvlan + type: string + ipFamilyPolicy: + description: IpFamilyPolicy defines the ip family policy on this interface to determine single stack, dual stack + enum: + - none + - ipv6-only + - ipv4-only + - dual-stack + type: string + networkInstance: + description: NetworkInstance defines the networkInstance to which this interface belongs Name and optionally Namespace is used here + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. 
TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - networkInstance + type: object + status: + properties: + ipClaimStatus: + items: + description: IPClaimStatus defines the observed state of IPClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: array + vlanClaimStatus: + description: VLANClaimStatus defines the observed state of VLANClaim properties: conditions: description: Conditions of the resource. 
items: properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: - description: status of the condition, one of True, False, - Unknown. + description: status of the condition, one of True, False, Unknown. enum: - - "True" - - "False" - - Unknown + - "True" + - "False" + - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastTransitionTime + - message + - reason + - status + - type type: object type: array expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed - prefix Gateway is only relevant for prefix kind = network + description: ExpiryTime indicated when the claim expires type: string - prefix: - description: Prefix defines the prefix, claimed through the - IPAM backend + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend type: string type: object - type: array - vlanClaimStatus: - description: VLANClaimStatus defines the observed state of VLANClaim - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be - when the underlying condition changed. If that is not - known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if - .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values - and meanings for this field, and whether the values are - considered a guaranteed API. The value should be a CamelCase - string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - expiryTime: - description: ExpiryTime indicated when the claim expires - type: string - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN - backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through - the VLAN backend - type: string - type: object - type: object - type: object - served: true - storage: true + type: object + type: object + served: true + storage: true diff --git a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_amfdeployments.yaml b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_amfdeployments.yaml index fc5d62e..0cc1b87 100644 --- a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_amfdeployments.yaml 
+++ b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_amfdeployments.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,386 +14,284 @@ spec: singular: amfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the - NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be - connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control - plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed - in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object 
- configRefs: - description: configRef defines addiitonal configuration references - the nf depends upon - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the - NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix - length in CIDR notation [IP prefix, range IPv4 with host - bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the - interface - properties: - address: - description: Address defines the IPv6 address and prefix - length in CIDR notation [IP prefix, range IPv6 with host - bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated - on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: 
^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated - with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct - such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with - the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the - bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the - BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address - of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one - use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp - peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - 
type: object - dataNetworks: - description: DataNetworks defines the data networks assocated - with the network instance - items: - description: A DataNetwork defines the Data Network name defined - by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated - with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix - notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with - the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated - with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the - peer - properties: - address: - description: Address defines the IPv4 address and - prefix length in CIDR notation [IP prefix, range - IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the - peer - properties: - address: - 
description: Address defines the IPv6 address and - prefix length in CIDR notation [IP prefix, range - IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_smfdeployments.yaml b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_smfdeployments.yaml index 50c7627..b7b7c7a 100644 --- a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_smfdeployments.yaml 
+++ b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_smfdeployments.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,386 +14,284 @@ spec: singular: smfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the - NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be - connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control - plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed - in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object 
- configRefs: - description: configRef defines addiitonal configuration references - the nf depends upon - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the - NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix - length in CIDR notation [IP prefix, range IPv4 with host - bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the - interface - properties: - address: - description: Address defines the IPv6 address and prefix - length in CIDR notation [IP prefix, range IPv6 with host - bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated - on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: 
^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated - with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct - such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with - the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the - bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the - BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address - of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one - use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp - peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - 
type: object - dataNetworks: - description: DataNetworks defines the data networks assocated - with the network instance - items: - description: A DataNetwork defines the Data Network name defined - by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated - with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix - notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with - the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated - with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the - peer - properties: - address: - description: Address defines the IPv4 address and - prefix length in CIDR notation [IP prefix, range - IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the - peer - properties: - address: - 
description: Address defines the IPv6 address and - prefix length in CIDR notation [IP prefix, range - IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_upfdeployments.yaml b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_upfdeployments.yaml index 5839f61..508b7c3 100644 --- a/nephio/core/nephio-operator/crd/bases/workload.nephio.org_upfdeployments.yaml 
+++ b/nephio/core/nephio-operator/crd/bases/workload.nephio.org_upfdeployments.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,386 +14,284 @@ spec: singular: upfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - capacity: - description: capacity defines the capacity characteristics of the - NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be - connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control - plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed - in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object 
- configRefs: - description: configRef defines addiitonal configuration references - the nf depends upon - items: - description: "ObjectReference contains enough information to let - you inspect or modify the referred object. --- New uses of this - type are discouraged because of difficulty describing its usage - when embedded in APIs. 1. Ignored fields. It includes many fields - which are not generally honored. For instance, ResourceVersion - and FieldPath are both very rarely valid in actual usage. 2. Invalid - usage help. It is impossible to add specific help for individual - usage. In most embedded usages, there are particular restrictions - like, \"must refer only to types A and B\" or \"UID not honored\" - or \"name must be restricted\". Those cannot be well described - when embedded. 3. Inconsistent validation. Because the usages - are different, the validation rules are different by usage, which - makes it hard for users to predict what will happen. 4. The fields - are both imprecise and overly precise. Kind is not a precise - mapping to a URL. This can produce ambiguity during interpretation - and require a REST mapping. In most cases, the dependency is - on the group,resource tuple and the version of the actual struct - is irrelevant. 5. We cannot easily change it. Because this type - is embedded in many locations, updates to this type will affect - numerous schemas. Don't make new APIs embed an underspecified - API type they do not control. \n Instead of using this type, create - a locally provided and used type that is well-focused on your - reference. For example, ServiceReferences for admission registration: - https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 - ." + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - type: array - interfaces: - description: Interfaces defines the interfaces associated with the - NF deployment - items: - description: InterfaceConfig defines the configuration of the interface - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix - length in CIDR notation [IP prefix, range IPv4 with host - bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the - interface - properties: - address: - description: Address defines the IPv6 address and prefix - length in CIDR notation [IP prefix, range IPv6 with host - bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated - on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: 
^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s type: integer - required: - - name + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s + type: integer + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated - with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct - such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with - the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the - bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the - BGP neighbor - items: - properties: - address: - description: Address defines the IPv4 or IPv6 address - of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one - use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp - peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - 
type: object - dataNetworks: - description: DataNetworks defines the data networks assocated - with the network instance - items: - description: A DataNetwork defines the Data Network name defined - by 3GPP + configRefs: + description: configRef defines addiitonal configuration references the nf depends upon + items: + description: "ObjectReference contains enough information to let you inspect or modify the referred object. --- New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs. 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage. 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular restrictions like, \"must refer only to types A and B\" or \"UID not honored\" or \"name must be restricted\". Those cannot be well described when embedded. 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen. 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple and the version of the actual struct is irrelevant. 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control. \n Instead of using this type, create a locally provided and used type that is well-focused on your reference. For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 ." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway type: string - pool: - description: Pool defines the list of address pools associated - with the data network + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + 
description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix - notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig + type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with - the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated - with the network instance - items: - description: A PeerConfig defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the - peer - properties: - address: - description: Address defines the IPv4 address and - prefix length in CIDR notation [IP prefix, range - IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the - peer - properties: - address: - 
description: Address defines the IPv6 address and - prefix length in CIDR notation [IP prefix, range - IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - type: object - status: - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. 
- format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + 
description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + type: object + status: + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/porch/0-packagerevs.yaml b/nephio/core/porch/0-packagerevs.yaml index f0d2bb7..5fbbe9e 100644 --- a/nephio/core/porch/0-packagerevs.yaml +++ b/nephio/core/porch/0-packagerevs.yaml 
@@ -14,27 +14,27 @@ spec: singular: packagerev scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageRev - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageRevSpec defines the desired state of PackageRev - type: object - status: - description: PackageRevStatus defines the observed state of PackageRev - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageRev + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageRevSpec defines the desired state of PackageRev + type: object + status: + description: PackageRevStatus defines the observed state of PackageRev + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/porch/0-packagevariants.yaml b/nephio/core/porch/0-packagevariants.yaml index 1e3be55..c912f49 100644 --- a/nephio/core/porch/0-packagevariants.yaml +++ b/nephio/core/porch/0-packagevariants.yaml 
@@ -14,305 +14,305 @@ spec: singular: packagevariant scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageVariant represents an upstream and downstream porch package pair. The upstream package should already exist. The PackageVariant controller is responsible for creating the downstream package revisions based on the spec. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSpec defines the desired state of PackageVariant - properties: - adoptionPolicy: - type: string - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageVariant represents an upstream and downstream porch package pair. The upstream package should already exist. The PackageVariant controller is responsible for creating the downstream package revisions based on the spec. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSpec defines the desired state of PackageVariant + properties: + adoptionPolicy: type: string - type: object - deletionPolicy: - type: string - downstream: - properties: - package: + annotations: + additionalProperties: type: string - repo: - type: string - type: object - injectors: - items: - description: InjectionSelector specifies how to select in-cluster objects for resolving injection points. + type: object + deletionPolicy: + type: string + downstream: properties: - group: + package: type: string - kind: + repo: type: string - name: - type: string - version: - type: string - required: - - name type: object - type: array - labels: - additionalProperties: - type: string - type: object - packageContext: - description: PackageContext defines the data to be added or removed from the kptfile.kpt.dev ConfigMap during reconciliation. - properties: - data: - additionalProperties: - type: string + injectors: + items: + description: InjectionSelector specifies how to select in-cluster objects for resolving injection points. + properties: + group: + type: string + kind: + type: string + name: + type: string + version: + type: string + required: + - name type: object - removeKeys: - items: - type: string - type: array - type: object - pipeline: - description: Pipeline declares a pipeline of functions used to mutate or validate resources. - properties: - mutators: - description: Mutators defines a list of of KRM functions that mutate resources. - items: - description: Function specifies a KRM function. 
- properties: - configMap: - additionalProperties: + type: array + labels: + additionalProperties: + type: string + type: object + packageContext: + description: PackageContext defines the data to be added or removed from the kptfile.kpt.dev ConfigMap during reconciliation. + properties: + data: + additionalProperties: + type: string + type: object + removeKeys: + items: + type: string + type: array + type: object + pipeline: + description: Pipeline declares a pipeline of functions used to mutate or validate resources. + properties: + mutators: + description: Mutators defines a list of of KRM functions that mutate resources. + items: + description: Function specifies a KRM function. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' + type: object + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' - type: object - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
- items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - type: object - type: array - validators: - description: Validators defines a list of KRM functions that validate resources. Validators are not permitted to mutate resources. - items: - description: Function specifies a KRM function. - properties: - configMap: - additionalProperties: + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
- type: object - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string + type: object + type: array + type: object + type: array + validators: + description: Validators defines a list of KRM functions that validate resources. Validators are not permitted to mutate resources. + items: + description: Function specifies a KRM function. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
type: object - type: array - type: object - type: array - type: object - upstream: - properties: - package: - type: string - repo: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantStatus defines the observed state of PackageVariant - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' + type: string + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
+ items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + type: array + type: object + upstream: properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + package: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + repo: type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + revision: type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - downstreamTargets: - description: DownstreamTargets contains the downstream targets that the PackageVariant either created or adopted. - items: - properties: - name: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: PackageVariantStatus defines the observed state of PackageVariant + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. 
For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + downstreamTargets: + description: DownstreamTargets contains the downstream targets that the PackageVariant either created or adopted. + items: + properties: + name: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/porch/0-packagevariantsets.yaml b/nephio/core/porch/0-packagevariantsets.yaml index 1b32942..558271e 100644 --- a/nephio/core/porch/0-packagevariantsets.yaml +++ b/nephio/core/porch/0-packagevariantsets.yaml 
@@ -14,706 +14,706 @@ spec: singular: packagevariantset scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSetSpec defines the desired state of PackageVariantSet - properties: - adoptionPolicy: - type: string - annotations: - additionalProperties: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSetSpec defines the desired state of PackageVariantSet + properties: + adoptionPolicy: type: string - type: object - deletionPolicy: - type: string - labels: - additionalProperties: + annotations: + additionalProperties: + type: string + type: object + deletionPolicy: type: string - type: object - targets: - items: - properties: - objects: - description: 'option 3: a selector against a set of arbitrary objects' - properties: - repoName: - properties: - fromField: - type: string - value: - type: string - type: object - selectors: - items: + labels: + additionalProperties: + type: string + type: object + targets: + items: + properties: + objects: + description: 'option 3: a selector against a set of arbitrary objects' + properties: + repoName: properties: - annotations: - additionalProperties: - type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources + fromField: type: string - kind: - description: Kind of the target resources + value: type: string - labelSelector: - description: Labels on the target resources - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. 
If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: object + selectors: + items: + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labelSelector: + description: Labels on the target resources + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string - type: array - required: - - key - - operator + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - name: - description: Name of the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + package: + description: 'option 1: an explicit repo/package name pair' + properties: + name: + type: string + repo: + type: string + type: object + packageName: + description: For options 2 and 3, PackageName specifies how to create the name of the package variant + properties: + baseName: + properties: + fromField: type: string - namespace: - description: Namespace of the target resources + value: type: string type: object - type: array - type: object + namePrefix: + properties: + fromField: + type: string + value: + type: string + type: object + nameSuffix: + properties: + fromField: + type: string + value: + type: string + type: object + type: object + repositories: + description: 'option 2: a label selector against a set of repositories' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: object + type: array + upstream: + properties: package: - description: 'option 1: an explicit repo/package name pair' properties: name: type: string repo: type: string type: object - packageName: - description: For options 2 and 3, PackageName specifies how to create the name of the package variant - properties: - baseName: - properties: - fromField: - type: string - value: - type: string - type: object - namePrefix: - properties: - fromField: - type: string - value: - type: string - type: object - nameSuffix: - properties: - fromField: - type: string - value: - type: string - type: object - type: object - repositories: - description: 'option 2: a label selector against a set of repositories' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. 
This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object + ref: + type: string + revision: + type: string type: object - type: array - upstream: - properties: - package: + type: object + status: + description: PackageVariantSetStatus defines the observed state of PackageVariantSet + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - name: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - repo: + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - ref: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantSetStatus defines the observed state of PackageVariantSet - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. 
--- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: false - storage: false - subresources: - status: {} - - name: v1alpha2 - schema: - openAPIV3Schema: - description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PackageVariantSetSpec defines the desired state of PackageVariantSet - properties: - targets: - items: - properties: - objectSelector: - description: 'option 3: a selector against a set of arbitrary objects' - properties: - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - name: v1alpha2 + schema: + openAPIV3Schema: + description: PackageVariantSet represents an upstream package revision and a way to target specific downstream repositories where a variant of the upstream package should be created. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: PackageVariantSetSpec defines the desired state of PackageVariantSet + properties: + targets: + items: + properties: + objectSelector: + description: 'option 3: a selector against a set of arbitrary objects' + properties: + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. 
A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: + name: + description: Name of the target resource type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + repositories: + description: 'Exactly one of Repositories, RepositorySeletor, and ObjectSelector must be populated option 1: an explicit repositories and package names' + items: + properties: + name: + description: Name contains the name of the Repository resource, which must be in the same namespace as the PackageVariantSet resource. + type: string + packageNames: + description: PackageNames contains names to use for package instances in this repository; that is, the same upstream will be instantiated multiple times using these names. + items: + type: string + type: array + required: + - name type: object - name: - description: Name of the target resource - type: string - type: object - repositories: - description: 'Exactly one of Repositories, RepositorySeletor, and ObjectSelector must be populated option 1: an explicit repositories and package names' - items: + type: array + repositorySelector: + description: 'option 2: a label selector against a set of repositories' properties: - name: - description: Name contains the name of the Repository resource, which must be in the same namespace as the PackageVariantSet resource. - type: string - packageNames: - description: PackageNames contains names to use for package instances in this repository; that is, the same upstream will be instantiated multiple times using these names. 
+ matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: - type: string + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - name + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object type: object - type: array - repositorySelector: - description: 'option 2: a label selector against a set of repositories' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. 
If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + template: + description: Template specifies how to generate a PackageVariant from a target + properties: + adoptionPolicy: + description: AdoptionPolicy allows overriding the PackageVariant adoption policy + type: string + annotationExprs: + description: AnnotationsExprs allows specifying the spec.Annotations field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Annotations. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: type: string - type: array - required: - - key - - operator + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + annotations: + additionalProperties: + type: string + description: Annotations allows specifying the spec.Annotations field of the generated PackageVariant type: object - type: array - matchLabels: - additionalProperties: + deletionPolicy: + description: DeletionPolicy allows overriding the PackageVariant deletion policy type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - template: - description: Template specifies how to generate a PackageVariant from a target - properties: - adoptionPolicy: - description: AdoptionPolicy allows overriding the PackageVariant adoption policy - type: string - annotationExprs: - description: AnnotationsExprs allows specifying the spec.Annotations field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Annotations. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + downstream: + description: Downstream allows overriding the default downstream package and repository name properties: - key: + package: type: string - keyExpr: + packageExpr: type: string - value: + repo: type: string - valueExpr: + repoExpr: type: string type: object - type: array - annotations: - additionalProperties: - type: string - description: Annotations allows specifying the spec.Annotations field of the generated PackageVariant - type: object - deletionPolicy: - description: DeletionPolicy allows overriding the PackageVariant deletion policy - type: string - downstream: - description: Downstream allows overriding the default downstream package and repository name - properties: - package: - type: string - packageExpr: - type: string - repo: - type: string - repoExpr: + injectors: + description: Injectors allows specifying the spec.Injectors field of the generated PackageVariant + items: + description: InjectionSelectorTemplate is used to calculate the injectors field of the resulting package variants. Exactly one of the Name and NameExpr fields must be specified. The other fields are optional. 
+ properties: + group: + type: string + kind: + type: string + name: + type: string + nameExpr: + type: string + version: + type: string + type: object + type: array + labelExprs: + description: LabelsExprs allows specifying the spec.Labels field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Labels. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + labels: + additionalProperties: type: string - type: object - injectors: - description: Injectors allows specifying the spec.Injectors field of the generated PackageVariant - items: - description: InjectionSelectorTemplate is used to calculate the injectors field of the resulting package variants. Exactly one of the Name and NameExpr fields must be specified. The other fields are optional. - properties: - group: - type: string - kind: - type: string - name: - type: string - nameExpr: - type: string - version: - type: string + description: Labels allows specifying the spec.Labels field of the generated PackageVariant type: object - type: array - labelExprs: - description: LabelsExprs allows specifying the spec.Labels field of the generated PackageVariant using CEL to dynamically create the keys and values. Entries in this field take precedent over those with the same keys that are present in Labels. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ packageContext: + description: PackageContext allows specifying the spec.PackageContext field of the generated PackageVariant properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string - type: object - type: array - labels: - additionalProperties: - type: string - description: Labels allows specifying the spec.Labels field of the generated PackageVariant - type: object - packageContext: - description: PackageContext allows specifying the spec.PackageContext field of the generated PackageVariant - properties: - data: - additionalProperties: - type: string - type: object - dataExprs: - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string + data: + additionalProperties: + type: string type: object - type: array - removeKeyExprs: - items: - type: string - type: array - removeKeys: - items: - type: string - type: array - type: object - pipeline: - description: Pipeline allows specifying the spec.Pipeline field of the generated PackageVariant - properties: - mutators: - description: Mutators is used to caculate the pipeline.mutators field of the resulting package variants. - items: - description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. - properties: - configMap: - additionalProperties: + dataExprs: + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' - type: object - configMapExprs: - description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string + type: object + type: array + removeKeyExprs: + items: + type: string + type: array + removeKeys: + items: + type: string + type: array + type: object + pipeline: + description: Pipeline allows specifying the spec.Pipeline field of the generated PackageVariant + properties: + mutators: + description: Mutators is used to caculate the pipeline.mutators field of the resulting package variants. + items: + description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' type: object - type: array - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
- items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + configMapExprs: + description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. + properties: + key: type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + keyExpr: type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + value: type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + valueExpr: type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - type: object - type: array - validators: - description: Validators is used to caculate the pipeline.validators field of the resulting package variants. - items: - description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. - properties: - configMap: - additionalProperties: + type: object + type: array + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' type: string - description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' 
- type: object - configMapExprs: - description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. - items: - description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. - properties: - key: - type: string - keyExpr: - type: string - value: - type: string - valueExpr: - type: string - type: object - type: array - configPath: - description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' - type: string - exclude: - description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' 
+ items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + kind: + description: Kind of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string - type: object - type: array - exec: - description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" - type: string - image: - description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" - type: string - name: - description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' - type: string - selectors: - description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' - items: - description: Selector specifies the selection criteria please update IsEmpty method if more properties are added - properties: - annotations: - additionalProperties: + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources type: string - description: Annotations on the target resources - type: object - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - labels: - additionalProperties: + namespace: + description: Namespace of the target resources type: string - description: Labels on the target resources - type: object - name: - description: Name of the target resources - type: string - namespace: - description: Namespace of the target resources - type: string + type: object + type: array + type: object + type: array + validators: + description: Validators is used to caculate the pipeline.validators field of the resulting package variants. + items: + description: FunctionTemplate is used in generating KRM function pipeline entries; that is, it is used to generate Kptfile Function objects. 
+ properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` is a convenient way to specify a function config of kind ConfigMap.' type: object - type: array - type: object - type: array - type: object - type: object - type: object - type: array - upstream: - properties: - package: - type: string - repo: - type: string - revision: - type: string - type: object - type: object - status: - description: PackageVariantSetStatus defines the observed state of PackageVariantSet - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + configMapExprs: + description: ConfigMapExprs allows use of CEL to dynamically create the keys and values in the function config ConfigMap. Entries in this field take precedent over those with the same keys that are present in ConfigMap. + items: + description: MapExpr is used for various fields to calculate map entries. Only one of Key and KeyExpr may be specified; similarly only on of Value and ValueExpr may be specified. 
+ properties: + key: + type: string + keyExpr: + type: string + value: + type: string + valueExpr: + type: string + type: object + type: array + configPath: + description: '`ConfigPath` specifies a slash-delimited relative path to a file in the current directory containing a KRM resource used as the function config. This resource is excluded when resolving ''sources'', and as a result cannot be operated on by the pipeline.' + type: string + exclude: + description: '`Exclude` are used to specify resources on which the function should NOT be executed. If not specified, all resources selected by `Selectors` are selected.' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + exec: + description: "Exec specifies the function binary executable. The executable can be fully qualified or it must exists in the $PATH e.g: \n exec: set-namespace exec: /usr/local/bin/my-custom-fn" + type: string + image: + description: "`Image` specifies the function container image. It can either be fully qualified, e.g.: \n image: gcr.io/kpt-fn/set-labels \n Optionally, kpt can be configured to use a image registry host-path that will be used to resolve the image path in case the image path is missing (Defaults to gcr.io/kpt-fn). e.g. 
The following resolves to gcr.io/kpt-fn/set-labels: \n image: set-labels" + type: string + name: + description: '`Name` is used to uniquely identify the function declaration this is primarily used for merging function declaration with upstream counterparts' + type: string + selectors: + description: '`Selectors` are used to specify resources on which the function should be executed if not specified, all resources are selected' + items: + description: Selector specifies the selection criteria please update IsEmpty method if more properties are added + properties: + annotations: + additionalProperties: + type: string + description: Annotations on the target resources + type: object + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + labels: + additionalProperties: + type: string + description: Labels on the target resources + type: object + name: + description: Name of the target resources + type: string + namespace: + description: Namespace of the target resources + type: string + type: object + type: array + type: object + type: array + type: object + type: object + type: object + type: array + upstream: properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + package: type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + repo: type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + revision: type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: PackageVariantSetStatus defines the observed state of PackageVariantSet + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. 
For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/porch/0-repositories.yaml b/nephio/core/porch/0-repositories.yaml index ecd0ce4..0d4504a 100644 --- a/nephio/core/porch/0-repositories.yaml +++ b/nephio/core/porch/0-repositories.yaml 
@@ -14,253 +14,253 @@ spec: singular: repository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.type - name: Type - type: string - - jsonPath: .spec.content - name: Content - type: string - - jsonPath: .spec.deployment - name: Deployment - type: boolean - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: Ready - type: string - - jsonPath: .spec['git','oci']['repo','registry'] - name: Address - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Repository - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: "RepositorySpec defines the desired state of Repository \n Notes: - deployment repository - in KRM API ConfigSync would be configured directly? (or via this API)" - properties: - content: - description: 'Content stored in the repository (i.e. Function, Package - the literal values correspond to the API resource names). TODO: support repository with mixed content?' - type: string - deployment: - description: The repository is a deployment repository; final packages in this repository are deployment ready. - type: boolean - description: - description: User-friendly description of the repository - type: string - git: - description: Git repository details. Required if `type` is `git`. Ignored if `type` is not `git`. 
- properties: - branch: - description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". - type: string - createBranch: - description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. - type: boolean - directory: - description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. - type: string - repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' - type: string - secretRef: - description: Reference to secret containing authentication credentials. - properties: - name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name - type: object - required: - - repo - type: object - mutators: - description: '`Mutators` specifies list of functions to be added to the list of package''s mutators on changes to the packages in the repository to ensure the packages meet constraints enforced by the mutators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' 
- items: + - additionalPrinterColumns: + - jsonPath: .spec.type + name: Type + type: string + - jsonPath: .spec.content + name: Content + type: string + - jsonPath: .spec.deployment + name: Deployment + type: boolean + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: Ready + type: string + - jsonPath: .spec['git','oci']['repo','registry'] + name: Address + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Repository + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "RepositorySpec defines the desired state of Repository \n Notes: - deployment repository - in KRM API ConfigSync would be configured directly? (or via this API)" + properties: + content: + description: 'Content stored in the repository (i.e. Function, Package - the literal values correspond to the API resource names). TODO: support repository with mixed content?' + type: string + deployment: + description: The repository is a deployment repository; final packages in this repository are deployment ready. + type: boolean + description: + description: User-friendly description of the repository + type: string + git: + description: Git repository details. Required if `type` is `git`. Ignored if `type` is not `git`. 
properties: - configMap: - additionalProperties: - type: string - description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' - type: object - functionRef: - description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + branch: + description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". + type: string + createBranch: + description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. + type: boolean + directory: + description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. + type: string + repo: + description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + type: string + secretRef: + description: Reference to secret containing authentication credentials. properties: name: - description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. type: string required: - - name + - name type: object - image: - description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' - type: string + required: + - repo type: object - type: array - oci: - description: OCI repository details. Required if `type` is `oci`. Ignored if `type` is not `oci`. - properties: - registry: - description: Registry is the address of the OCI registry - type: string - secretRef: - description: Reference to secret containing authentication credentials. 
- properties: - name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name - type: object - required: - - registry - type: object - type: - description: Type of the repository (i.e. git, OCI) - type: string - upstream: - description: Upstream is the default upstream repository for packages in this repository. Specifying it per repository allows simpler UX when creating packages. - properties: - git: - description: Git repository details. Required if `type` is `git`. Must be unspecified if `type` is not `git`. + mutators: + description: '`Mutators` specifies list of functions to be added to the list of package''s mutators on changes to the packages in the repository to ensure the packages meet constraints enforced by the mutators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' + items: properties: - branch: - description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". - type: string - createBranch: - description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. - type: boolean - directory: - description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. - type: string - repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' - type: string - secretRef: - description: Reference to secret containing authentication credentials. - properties: - name: - description: Name of the secret. 
The secret is expected to be located in the same namespace as the resource containing the reference. - type: string - required: - - name + configMap: + additionalProperties: + type: string + description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' type: object - required: - - repo - type: object - oci: - description: OCI repository details. Required if `type` is `oci`. Must be unspecified if `type` is not `oci`. - properties: - registry: - description: Registry is the address of the OCI registry - type: string - secretRef: - description: Reference to secret containing authentication credentials. + functionRef: + description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' properties: name: - description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' type: string required: - - name + - name type: object - required: - - registry - type: object - repositoryRef: - description: RepositoryRef contains a reference to an existing Repository resource to be used as the default upstream repository. - properties: - name: - description: Name of the Repository resource referenced. + image: + description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' type: string - required: - - name type: object - type: - description: Type of the repository (i.e. git, OCI). If empty, repositoryRef will be used. - type: string - type: object - validators: - description: '`Validators` specifies list of functions to be added to the list of package''s validators on changes to the packages in the repository to ensure the packages meet constraints enforced by the validators associated with the repository. 
Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' - items: + type: array + oci: + description: OCI repository details. Required if `type` is `oci`. Ignored if `type` is not `oci`. properties: - configMap: - additionalProperties: - type: string - description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' - type: object - functionRef: - description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + registry: + description: Registry is the address of the OCI registry + type: string + secretRef: + description: Reference to secret containing authentication credentials. properties: name: - description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. type: string required: - - name + - name type: object - image: - description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' - type: string + required: + - registry type: object - type: array - type: object - status: - description: RepositoryStatus defines the observed state of Repository - properties: - conditions: - description: Conditions describes the reconciliation state of the object. - items: - description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: + description: Type of the repository (i.e. git, OCI) + type: string + upstream: + description: Upstream is the default upstream repository for packages in this repository. Specifying it per repository allows simpler UX when creating packages. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string + git: + description: Git repository details. Required if `type` is `git`. Must be unspecified if `type` is not `git`. + properties: + branch: + description: Name of the branch containing the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". + type: string + createBranch: + description: CreateBranch specifies if Porch should create the package branch if it doesn't exist. + type: boolean + directory: + description: Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. + type: string + repo: + description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + type: string + secretRef: + description: Reference to secret containing authentication credentials. + properties: + name: + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + type: string + required: + - name + type: object + required: + - repo + type: object + oci: + description: OCI repository details. Required if `type` is `oci`. Must be unspecified if `type` is not `oci`. + properties: + registry: + description: Registry is the address of the OCI registry + type: string + secretRef: + description: Reference to secret containing authentication credentials. + properties: + name: + description: Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. + type: string + required: + - name + type: object + required: + - registry + type: object + repositoryRef: + description: RepositoryRef contains a reference to an existing Repository resource to be used as the default upstream repository. 
+ properties: + name: + description: Name of the Repository resource referenced. + type: string + required: + - name + type: object type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + description: Type of the repository (i.e. git, OCI). If empty, repositoryRef will be used. type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + validators: + description: '`Validators` specifies list of functions to be added to the list of package''s validators on changes to the packages in the repository to ensure the packages meet constraints enforced by the validators associated with the repository. Based on the Kubernetest Admission Controllers (https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/). The functions will be evaluated in the order specified in the list.' + items: + properties: + configMap: + additionalProperties: + type: string + description: '`ConfigMap` specifies the function config (https://kpt.dev/reference/cli/fn/eval/).' + type: object + functionRef: + description: '`FunctionRef` specifies the function by reference to a Function resource. Mutually exclusive with `Image`.' + properties: + name: + description: '`Name` is the name of the `Function` resource referenced. The resource is expected to be within the same namespace.' 
+ type: string + required: + - name + type: object + image: + description: '`Image` specifies the function image, such as `gcr.io/kpt-fn/gatekeeper:v0.2`. Use of `Image` is mutually exclusive with `FunctionRef`.' + type: string + type: object + type: array + type: object + status: + description: RepositoryStatus defines the observed state of Repository + properties: + conditions: + description: Conditions describes the reconciliation state of the object. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/porch/7-auth-reader.yaml b/nephio/core/porch/7-auth-reader.yaml index b4b8199..8b1dee5 100644 --- a/nephio/core/porch/7-auth-reader.yaml +++ b/nephio/core/porch/7-auth-reader.yaml @@ -21,6 +21,6 @@ roleRef: kind: Role name: extension-apiserver-authentication-reader subjects: -- kind: ServiceAccount - name: porch-server - namespace: porch-system + - kind: ServiceAccount + name: porch-server + namespace: porch-system diff --git a/nephio/core/porch/8-auth-delegator.yaml b/nephio/core/porch/8-auth-delegator.yaml index 10a0c78..d6f38d4 100644 --- a/nephio/core/porch/8-auth-delegator.yaml +++ b/nephio/core/porch/8-auth-delegator.yaml 
@@ -20,6 +20,6 @@ roleRef: kind: ClusterRole name: system:auth-delegator subjects: -- kind: ServiceAccount - name: porch-server - namespace: porch-system + - kind: ServiceAccount + name: porch-server + namespace: porch-system diff --git a/nephio/core/porch/9-porch-controller-clusterrole.yaml b/nephio/core/porch/9-porch-controller-clusterrole.yaml index 3787bb6..17af69d 100644 --- a/nephio/core/porch/9-porch-controller-clusterrole.yaml +++ b/nephio/core/porch/9-porch-controller-clusterrole.yaml @@ -4,22 +4,22 @@ metadata: creationTimestamp: null name: porch-controllers rules: -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/nephio/core/porch/9-porch-controller-packagevariants-clusterrole.yaml b/nephio/core/porch/9-porch-controller-packagevariants-clusterrole.yaml index acea26b..0d39a7f 100644 --- a/nephio/core/porch/9-porch-controller-packagevariants-clusterrole.yaml +++ b/nephio/core/porch/9-porch-controller-packagevariants-clusterrole.yaml 
@@ -4,53 +4,53 @@ metadata: creationTimestamp: null name: porch-controllers-packagevariants rules: -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants/finalizers - verbs: - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants/status - verbs: - - get - - patch - - update -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisionresources - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - porch.kpt.dev - resources: - - packagerevisions - verbs: - - create - - delete - - get - - list - - patch - - update - - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants/finalizers + verbs: + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants/status + verbs: + - get + - patch + - update + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisionresources + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - porch.kpt.dev + resources: + - packagerevisions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/nephio/core/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml b/nephio/core/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml index 381393e..c0de165 100644 --- a/nephio/core/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml +++ b/nephio/core/porch/9-porch-controller-packagevariants-clusterrolebinding.yaml 
@@ -20,6 +20,6 @@ roleRef: kind: ClusterRole name: porch-controllers-packagevariants subjects: -- kind: ServiceAccount - name: porch-controllers - namespace: porch-system + - kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrole.yaml b/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrole.yaml index ca1b0c6..636764e 100644 --- a/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrole.yaml +++ b/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrole.yaml @@ -4,47 +4,47 @@ metadata: creationTimestamp: null name: porch-controllers-packagevariantsets rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - list -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariants - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets/finalizers - verbs: - - update -- apiGroups: - - config.porch.kpt.dev - resources: - - packagevariantsets/status - verbs: - - get - - patch - - update + - apiGroups: + - '*' + resources: + - '*' + verbs: + - list + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariants + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets/finalizers + verbs: + - update + - apiGroups: + - config.porch.kpt.dev + resources: + - packagevariantsets/status + verbs: + - get + - patch + - update 
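Review bot: The first rule of `9-porch-controller-packagevariantsets-clusterrole.yaml` still grants `list` on `apiGroups: ['*']` / `resources: ['*']` on the new side; the re-indentation carries it over unchanged. In a ClusterRole this covers every kind in every namespace, Secrets included, and a `list` response returns full objects, so the `porch-controllers` ServiceAccount bound to this role in the next file can read all Secret data in the cluster. If the controller only needs to enumerate the kinds its PackageVariantSet selectors target (not confirmable from this diff), the rule should name those groups and resources. At minimum it should carry a comment such as `# cluster-wide list on all kinds, including Secrets; needed for <reason> - narrow when possible`. The manifest looks vendored by the update script, so the lasting fix probably belongs upstream.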
diff --git a/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml b/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml index 0e9403b..a993005 100644 --- a/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml +++ b/nephio/core/porch/9-porch-controller-packagevariantsets-clusterrolebinding.yaml @@ -20,6 +20,6 @@ roleRef: kind: ClusterRole name: porch-controllers-packagevariantsets subjects: -- kind: ServiceAccount - name: porch-controllers - namespace: porch-system + - kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/nephio/core/workload-crds/package-context.yaml b/nephio/core/workload-crds/package-context.yaml index 9616abf..6c33d9e 100644 --- a/nephio/core/workload-crds/package-context.yaml +++ b/nephio/core/workload-crds/package-context.yaml @@ -5,4 +5,4 @@ metadata: annotations: config.kubernetes.io/local-config: "true" data: - name: example \ No newline at end of file + name: example diff --git a/nephio/core/workload-crds/ref.nephio.org_configs.yaml b/nephio/core/workload-crds/ref.nephio.org_configs.yaml index 7e2b950..29d64cb 100644 --- a/nephio/core/workload-crds/ref.nephio.org_configs.yaml +++ b/nephio/core/workload-crds/ref.nephio.org_configs.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,31 +14,27 @@ spec: singular: config scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Config is the Schema for the ConfigRef API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ConfigSpec defines the structure for config reference specification - properties: - config: - description: Config is the embedded config - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - type: object - served: true - storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Config is the Schema for the ConfigRef API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ConfigSpec defines the structure for config reference specification + properties: + config: + description: Config is the embedded config + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + served: true + storage: true diff --git a/nephio/core/workload-crds/workload.nephio.org_nfconfigs.yaml b/nephio/core/workload-crds/workload.nephio.org_nfconfigs.yaml index dcf1f08..29a4812 100644 --- a/nephio/core/workload-crds/workload.nephio.org_nfconfigs.yaml +++ b/nephio/core/workload-crds/workload.nephio.org_nfconfigs.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -14,36 +13,32 @@ spec: singular: nfconfig scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - properties: - configRefs: - description: Config is the embedded config - items: - type: object + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + configRefs: + description: Config is the embedded config + items: + type: object + x-kubernetes-preserve-unknown-fields: true + type: array x-kubernetes-preserve-unknown-fields: true - type: array - x-kubernetes-preserve-unknown-fields: true - type: object - status: - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/core/workload-crds/workload.nephio.org_nfdeployments.yaml b/nephio/core/workload-crds/workload.nephio.org_nfdeployments.yaml index 2da8299..0c134a1 100644 --- a/nephio/core/workload-crds/workload.nephio.org_nfdeployments.yaml +++ b/nephio/core/workload-crds/workload.nephio.org_nfdeployments.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: 
@@ -15,343 +14,275 @@ spec: singular: nfdeployment scope: Namespaced versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NFDeploymentSpec defines the characteristics of a deployment - of a network function - properties: - capacity: - description: capacity defines the capacity characteristics of the - NF deployment - properties: - maxDownlinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxDownlinkThroughput defines the max downlink dataplane - throughput - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - maxNFConnections: - description: MaxNFConnections defines the max NF(s) that can be - connected to this NF/device - type: integer - maxSessions: - description: MaxSessions defines the max sessions of the control - plane expressed in unit of 1000s - type: integer - maxSubscribers: - description: MaxSubscribers defines the max subscribers expressed - in unit of 1000s - type: integer - maxUplinkThroughput: - anyOf: - - type: integer - - type: string - description: MaxUplinkThroughput defines the max uplink dataplane - throughput - pattern: 
^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - interfaces: - description: Interfaces defines the interfaces associated with the - NF deployment - items: - description: InterfaceConfig defines the configuration of the interface + - name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NFDeploymentSpec defines the characteristics of a deployment of a network function + properties: + capacity: + description: capacity defines the capacity characteristics of the NF deployment properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the interface - properties: - address: - description: Address defines the IPv4 address and prefix - length in CIDR notation [IP prefix, range IPv4 with host - bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6Config defines the ipv6 configuration of the - interface - properties: - address: - description: Address defines the IPv6 address and prefix - length in CIDR notation [IP prefix, range IPv6 with host - bits] - type: string - gateway: - 
description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the interface - maxLength: 253 - minLength: 1 - type: string - vlanID: - description: VLANID defines the specific vlan id associated - on this interface + maxDownlinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxDownlinkThroughput defines the max downlink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + maxNFConnections: + description: MaxNFConnections defines the max NF(s) that can be connected to this NF/device + type: integer + maxSessions: + description: MaxSessions defines the max sessions of the control plane expressed in unit of 1000s + type: integer + maxSubscribers: + description: MaxSubscribers defines the max subscribers expressed in unit of 1000s type: integer - required: - - name + maxUplinkThroughput: + anyOf: + - type: integer + - type: string + description: MaxUplinkThroughput defines the max uplink dataplane throughput + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true type: object - type: array - networkInstances: - description: NetworkInstances defines the network instances associated - with the NF deployment - items: - description: A networkInstance is a Layer 3 forwarding construct - such as a virtual routing and forwarding (VRF) instance, - properties: - bgp: - description: BGP defines the BGP configuration associated with - the network instance - properties: - autonomousSystem: - description: AutonomousSystem defines the AS number of the - bgp process - type: integer - bgpNeighbors: - description: BGPNeigbors defines the configuration of the - BGP neighbor - items: - properties: - address: 
- description: Address defines the IPv4 or IPv6 address - of the BGP neighbor - type: string - name: - description: BGP interface name, MUST match the one - use in InterfaceConfig - type: string - peerAS: - description: PeerAS defines the AS number of the bgp - peer - type: integer - required: - - address - - peerAS - type: object - type: array - routerID: - description: RouterID defines the router ID of the bgp process - type: string - required: - - autonomousSystem - - bgpNeighbors - - routerID - type: object - dataNetworks: - description: DataNetworks defines the data networks assocated - with the network instance - items: - description: A DataNetwork defines the Data Network name defined - by 3GPP + interfaces: + description: Interfaces defines the interfaces associated with the NF deployment + items: + description: InterfaceConfig defines the configuration of the interface + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the interface + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6Config defines the ipv6 configuration of the interface properties: - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] type: string - pool: - description: Pool defines the list of address pools associated - with the data network + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the interface + maxLength: 253 + minLength: 1 + type: string + 
vlanID: + description: VLANID defines the specific vlan id associated on this interface + type: integer + required: + - name + type: object + type: array + networkInstances: + description: NetworkInstances defines the network instances associated with the NF deployment + items: + description: A networkInstance is a Layer 3 forwarding construct such as a virtual routing and forwarding (VRF) instance, + properties: + bgp: + description: BGP defines the BGP configuration associated with the network instance + properties: + autonomousSystem: + description: AutonomousSystem defines the AS number of the bgp process + type: integer + bgpNeighbors: + description: BGPNeigbors defines the configuration of the BGP neighbor items: properties: - prefix: - description: Prefix defines the ip cidr in prefix - notation. It is defines as a subnet - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + address: + description: Address defines the IPv4 or IPv6 address of the BGP neighbor + type: string + name: + description: BGP interface name, MUST match the one use in InterfaceConfig type: string + peerAS: + description: PeerAS defines the AS number of the bgp peer + type: integer required: - - prefix + - address + - peerAS type: object type: array - type: object - type: array - interfaces: - description: interfaces defines the interfaces associated with - the network instance - items: - type: string - type: array - name: - description: Name defines the name of the network instance - maxLength: 253 - minLength: 1 - type: string - peers: - description: Peers defines the peer configuration associated - with the network instance - items: - description: A PeerConfig 
defines the peer configuration - properties: - ipv4: - description: IPv4 defines the ipv4 configuration of the - peer - properties: - address: - description: Address defines the IPv4 address and - prefix length in CIDR notation [IP prefix, range - IPv4 with host bits] - type: string - gateway: - description: Gateway defines the IPv4 address associated - to the interface as a gateway - type: string - required: - - address - type: object - ipv6: - description: IPv6 defines the ipv6 configuration of the - peer - properties: - address: - description: Address defines the IPv6 address and - prefix length in CIDR notation [IP prefix, range - IPv6 with host bits] - type: string - gateway: - description: Gateway defines the IPv6 address associated - to the interface as a gateway - type: string - required: - - address - type: object - name: - description: Name defines the name of the data network - maxLength: 253 - minLength: 1 + routerID: + description: RouterID defines the router ID of the bgp process type: string + required: + - autonomousSystem + - bgpNeighbors + - routerID type: object - type: array - required: - - name - type: object - type: array - parametersRefs: - description: ParametersRefs defines addiitonal KRM parmeter references - the nf depends upon - items: - properties: - apiVersion: - description: APIVersion of the target resources - type: string - kind: - description: Kind of the target resources - type: string - name: - description: Name of the target resource - type: string - type: object - type: array - provider: - description: provider defines which provider implement this NFDeployment - type: string - type: object - status: - description: NFDeploymentStatus defines the observed state of nf deployment - properties: - conditions: - description: Conditions define the current state of the NF deployment - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. 
--- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - observedGeneration: - description: The generation observed by the deployment controller. - format: int32 - type: integer - required: - - observedGeneration - type: object - type: object - served: true - storage: true - subresources: - status: {} + dataNetworks: + description: DataNetworks defines the data networks assocated with the network instance + items: + description: A DataNetwork defines the Data Network name defined by 3GPP + properties: + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + pool: + description: Pool defines the list of address pools associated with the data network + items: + properties: + prefix: + description: Prefix defines the ip cidr in prefix notation. 
It is defines as a subnet + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: array + interfaces: + description: interfaces defines the interfaces associated with the network instance + items: + type: string + type: array + name: + description: Name defines the name of the network instance + maxLength: 253 + minLength: 1 + type: string + peers: + description: Peers defines the peer configuration associated with the network instance + items: + description: A PeerConfig defines the peer configuration + properties: + ipv4: + description: IPv4 defines the ipv4 configuration of the peer + properties: + address: + description: Address defines the IPv4 address and prefix length in CIDR notation [IP prefix, range IPv4 with host bits] + type: string + gateway: + description: Gateway defines the IPv4 address associated to the interface as a gateway + type: string + required: + - address + type: object + ipv6: + description: IPv6 defines the ipv6 configuration of the peer + properties: + address: + description: Address defines the IPv6 address and prefix length in CIDR notation [IP prefix, range IPv6 with host bits] + type: string + gateway: + description: Gateway defines the IPv6 address associated to the interface as a gateway + type: string + required: + - address + type: object + name: + description: Name defines the name of the data network + maxLength: 253 + minLength: 1 + type: string + type: object + type: array + required: + - name + type: object + type: array + parametersRefs: + description: ParametersRefs defines addiitonal KRM parmeter references the nf 
depends upon + items: + properties: + apiVersion: + description: APIVersion of the target resources + type: string + kind: + description: Kind of the target resources + type: string + name: + description: Name of the target resource + type: string + type: object + type: array + provider: + description: provider defines which provider implement this NFDeployment + type: string + type: object + status: + description: NFDeploymentStatus defines the observed state of nf deployment + properties: + conditions: + description: Conditions define the current state of the NF deployment + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int32 + type: integer + required: + - observedGeneration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/flux-helm-controllers/clusterrole.yaml b/nephio/optional/flux-helm-controllers/clusterrole.yaml index dad832d..79c73ae 100644 --- a/nephio/optional/flux-helm-controllers/clusterrole.yaml +++ b/nephio/optional/flux-helm-controllers/clusterrole.yaml 
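Review bot: The `prefix` pattern under `dataNetworks[].pool[]` in the new `workload.nephio.org_nfdeployments.yaml` schema has no `^`/`$` anchors, unlike the throughput and condition patterns in the same file. CRD `pattern` validation is not implicitly anchored, so a value that merely contains a CIDR-looking fragment passes admission and reaches whatever consumes the pool prefix. Wrapping the existing IPv4/IPv6 alternation as `^(` … `)$` would make the check cover the whole string. The CRD appears to be generated, so the change likely has to go into the validation marker on the Go type rather than this YAML; the hunk itself only re-flows the file.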
@@ -59,69 +59,69 @@ metadata: app.kubernetes.io/version: "2.0.0" app.kubernetes.io/part-of: flux rules: -- apiGroups: ['source.toolkit.fluxcd.io'] - resources: ['*'] - verbs: ['*'] -- apiGroups: ['kustomize.toolkit.fluxcd.io'] - resources: ['*'] - verbs: ['*'] -- apiGroups: ['helm.toolkit.fluxcd.io'] - resources: ['*'] - verbs: ['*'] -- apiGroups: ['notification.toolkit.fluxcd.io'] - resources: ['*'] - verbs: ['*'] -- apiGroups: ['image.toolkit.fluxcd.io'] - resources: ['*'] - verbs: ['*'] -- apiGroups: - - "" - resources: - - namespaces - - secrets - - configmaps - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -# required by leader election -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - "coordination.k8s.io" - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete + - apiGroups: ['source.toolkit.fluxcd.io'] + resources: ['*'] + verbs: ['*'] + - apiGroups: ['kustomize.toolkit.fluxcd.io'] + resources: ['*'] + verbs: ['*'] + - apiGroups: ['helm.toolkit.fluxcd.io'] + resources: ['*'] + verbs: ['*'] + - apiGroups: ['notification.toolkit.fluxcd.io'] + resources: ['*'] + verbs: ['*'] + - apiGroups: ['image.toolkit.fluxcd.io'] + resources: ['*'] + verbs: ['*'] + - apiGroups: + - "" + resources: + - namespaces + - secrets + - configmaps + - serviceaccounts + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + # required by leader election + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - "coordination.k8s.io" 
+ resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete diff --git a/nephio/optional/flux-helm-controllers/clusterrolebinding.yaml b/nephio/optional/flux-helm-controllers/clusterrolebinding.yaml index 07aac21..8b05860 100644 --- a/nephio/optional/flux-helm-controllers/clusterrolebinding.yaml +++ b/nephio/optional/flux-helm-controllers/clusterrolebinding.yaml @@ -12,9 +12,9 @@ roleRef: kind: ClusterRole name: cluster-admin subjects: -- kind: ServiceAccount - name: helm-controller - namespace: flux-system + - kind: ServiceAccount + name: helm-controller + namespace: flux-system --- # Source: flux2/templates/crd-controller-clusterrolebinding.yaml apiVersion: rbac.authorization.k8s.io/v1 diff --git a/nephio/optional/flux-helm-controllers/deployment.yaml b/nephio/optional/flux-helm-controllers/deployment.yaml index a90fcb2..8377771 100644 --- a/nephio/optional/flux-helm-controllers/deployment.yaml +++ b/nephio/optional/flux-helm-controllers/deployment.yaml 
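Review bot: The `subjects` entry re-indented in clusterrolebinding.yaml still binds the `helm-controller` ServiceAccount in `flux-system` to `cluster-admin` (`roleRef.name: cluster-admin`), and the deployment.yaml hunk that follows starts that controller with `--watch-all-namespaces=true` and no `--default-service-account`. Taken together, a HelmRelease in any namespace that sets no `spec.serviceAccountName` is presumably reconciled with cluster-admin rights, which would make write access to HelmRelease objects equivalent to cluster-admin. If this optional package is meant for shared clusters, add `- --default-service-account=<least-privileged-sa>` and `- --no-cross-namespace-refs=true` to the helm-controller args; otherwise record the trade-off above the binding with `# helm-controller runs as cluster-admin; restrict who may create HelmRelease objects`. The binding's metadata starts above the hunk, so its name is not visible here.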
@@ -30,55 +30,55 @@ spec: spec: automountServiceAccountToken: true containers: - - args: - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.35.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 8080 - name: http-prom - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: healthz - resources: - limits: {} - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /tmp - name: temp + - args: + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/helm-controller:v0.35.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 8080 + name: http-prom + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: {} + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /tmp + name: temp serviceAccountName: helm-controller terminationGracePeriodSeconds: 600 volumes: - - emptyDir: {} - name: temp + - emptyDir: {} + name: temp --- # Source: flux2/templates/source-controller.yaml apiVersion: apps/v1 
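Review bot: `image: ghcr.io/fluxcd/helm-controller:v0.35.0` is referenced by tag only, and a tag can be re-pointed at different content; with `imagePullPolicy: IfNotPresent`, nodes that pull at different times may then run different images under the same name. The same holds for `ghcr.io/fluxcd/source-controller:v1.0.1` in the next hunk. Pin both by digest, e.g. `image: ghcr.io/fluxcd/helm-controller:v0.35.0@sha256:<digest-of-verified-image>`, so the vendored package deploys exactly the image that was reviewed. `limits: {}` also leaves the container without a CPU or memory ceiling; set explicit limits or add a comment stating that limits are left to the consumer of the package. The Deployment's metadata and pod template header lie outside the hunk.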
@@ -109,64 +109,64 @@ spec: spec: automountServiceAccountToken: true containers: - - args: - - --watch-all-namespaces=true - - --log-level=info - - --log-encoding=json - - --enable-leader-election - - --storage-path=/data - - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. - env: - - name: RUNTIME_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v1.0.1 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: healthz - name: manager - ports: - - containerPort: 9090 - name: http - protocol: TCP - - containerPort: 8080 - name: http-prom - protocol: TCP - - containerPort: 9440 - name: healthz - protocol: TCP - readinessProbe: - httpGet: - path: / - port: http - resources: - limits: {} - requests: - cpu: 100m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /data - name: data - - mountPath: /tmp - name: tmp + - args: + - --watch-all-namespaces=true + - --log-level=info + - --log-encoding=json + - --enable-leader-election + - --storage-path=/data + - --storage-adv-addr=source-controller.$(RUNTIME_NAMESPACE).svc.cluster.local. 
+ env: + - name: RUNTIME_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/fluxcd/source-controller:v1.0.1 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9090 + name: http + protocol: TCP + - containerPort: 8080 + name: http-prom + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: / + port: http + resources: + limits: {} + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /data + name: data + - mountPath: /tmp + name: tmp securityContext: fsGroup: 1337 serviceAccountName: source-controller terminationGracePeriodSeconds: 10 volumes: - - emptyDir: {} - name: data - - emptyDir: {} - name: tmp + - emptyDir: {} + name: data + - emptyDir: {} + name: tmp diff --git a/nephio/optional/flux-helm-controllers/flux-crds.yaml b/nephio/optional/flux-helm-controllers/flux-crds.yaml index a1f7c78..090abdb 100644 --- a/nephio/optional/flux-helm-controllers/flux-crds.yaml +++ b/nephio/optional/flux-helm-controllers/flux-crds.yaml @@ -1,4 +1,3 @@ ---- # Source: flux2/templates/helm-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition 
@@ -18,914 +17,641 @@ spec: listKind: HelmReleaseList plural: helmreleases shortNames: - - hr + - hr singular: helmrelease scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v2beta1 - schema: - openAPIV3Schema: - description: HelmRelease is the Schema for the helmreleases API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmReleaseSpec defines the desired state of a Helm release. - properties: - chart: - description: Chart defines the template of the v1beta2.HelmChart that - should be created for this HelmRelease. - properties: - metadata: - description: ObjectMeta holds the template for metadata like labels - and annotations. - properties: - annotations: - additionalProperties: - type: string - description: 'Annotations is an unstructured key value map - stored with a resource that may be set by external tools - to store and retrieve arbitrary metadata. They are not queryable - and should be preserved when modifying objects. 
More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' - type: object - labels: - additionalProperties: - type: string - description: 'Map of string keys and values that can be used - to organize and categorize (scope and select) objects. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' - type: object - type: object - spec: - description: Spec holds the template for the v1beta2.HelmChartSpec - for this HelmRelease. - properties: - chart: - description: The name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval at which to check the v1beta2.Source - for updates. Defaults to 'HelmReleaseSpec.Interval'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new - artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on - their behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The name and namespace of the v1beta2.Source - the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent. - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. 
- maxLength: 253 - minLength: 1 + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v2beta1 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: Chart defines the template of the v1beta2.HelmChart that should be created for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels and annotations. + properties: + annotations: + additionalProperties: type: string - namespace: - description: Namespace of the referent. - maxLength: 63 - minLength: 1 + description: 'Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + type: object + labels: + additionalProperties: type: string - required: - - name - type: object - valuesFile: - description: Alternative values file to use as the default - chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file defined here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the - chart values (values.yaml is not included by default), expected - to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding - the first. Ignored when omitted. - items: + description: 'Map of string keys and values that can be used to organize and categorize (scope and select) objects. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available at in the SourceRef. type: string - type: array - verify: - description: Verify contains the secret name containing the - trusted public keys used to verify the signature and specifies - which provider to use to check whether OCI image is authentic. - This field is only supported for OCI sources. Chart dependencies, - which are not bundled in the umbrella chart artifact, are - not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to - sign the OCI Helm chart. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret - containing the trusted public keys. - properties: - name: - description: Name of the referent. 
- type: string - required: + interval: + description: Interval at which to check the v1beta2.Source for updates. Defaults to 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1beta2.Source the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: - name - type: object - required: - - provider - type: object - version: - default: '*' - description: Version semver expression, ignored for charts - from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults - to latest when omitted. - type: string - required: - - chart - - sourceRef - type: object - required: - - spec - type: object - dependsOn: - description: DependsOn may contain a meta.NamespacedObjectReference - slice with references to HelmRelease resources that must be ready - before this HelmRelease can be reconciled. - items: - description: NamespacedObjectReference contains enough information - to locate the referenced Kubernetes resource object in any namespace. - properties: - name: - description: Name of the referent. - type: string - namespace: - description: Namespace of the referent, when not specified it - acts as LocalObjectReference. 
- type: string + type: object + valuesFile: + description: Alternative values file to use as the default chart values, expected to be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is merged before the ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the chart values (values.yaml is not included by default), expected to be a relative path in the SourceRef. Values files are merged in the order of this list with the last file overriding the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: Verify contains the secret name containing the trusted public keys used to verify the signature and specifies which provider to use to check whether OCI image is authentic. This field is only supported for OCI sources. Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version semver expression, ignored for charts from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object required: - - name + - spec type: object - type: array - install: - description: Install holds the configuration for Helm install actions - for this HelmRelease. - properties: - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. 
Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Create` - and if omitted CRDs are installed but not updated. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are applied (installed) during Helm install action. With this - option users can opt-in to CRD replace existing CRDs on Helm - install actions, which is not (yet) natively supported by Helm. - https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - createNamespace: - description: CreateNamespace tells the Helm install action to - create the HelmReleaseSpec.TargetNamespace if it does not exist - yet. On uninstall, the namespace will not be garbage collected. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm install action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm install - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm install has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm install has been performed. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm install action for the HelmRelease fails. The - default is to not perform any action. + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference slice with references to HelmRelease resources that must be ready before this HelmRelease can be reconciled. 
+ items: + description: NamespacedObjectReference contains enough information to locate the referenced Kubernetes resource object in any namespace. properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an install - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false'. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - an uninstall, is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - type: object - replace: - description: Replace tells the Helm install action to re-use the - 'ReleaseName', but only if that name is a deleted release which - remains in the history. - type: boolean - skipCRDs: - description: "SkipCRDs tells the Helm install action to not install - any CRDs. By default, CRDs are installed if not already present. - \n Deprecated use CRD policy (`crds`) attribute with value `Skip` - instead." - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - interval: - description: Interval at which to reconcile the Helm release. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - kubeConfig: - description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, - forces the controller to act on behalf of that Service Account at - the target cluster. 
If the --default-service-account flag is set, - its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName - is empty. - properties: - secretRef: - description: SecretRef holds the name of a secret that contains - a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. It is recommended that the - kubeconfig is self-contained, and the secret is regularly updated - if credentials such as a cloud-access-token expire. Cloud specific - `cmd-path` auth helpers will not function without adding binaries - and credentials to the Pod that is responsible for reconciling - Kubernetes resources. - properties: - key: - description: Key in the Secret, when not specified an implementation-specific - default key is used. - type: string name: - description: Name of the Secret. + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it acts as LocalObjectReference. type: string required: - - name + - name type: object - required: - - secretRef - type: object - maxHistory: - description: MaxHistory is the number of revisions saved by Helm for - this HelmRelease. Use '0' for an unlimited number of revisions; - defaults to '10'. - type: integer - persistentClient: - description: "PersistentClient tells the controller to use a persistent - Kubernetes client for this release. When enabled, the client will - be reused for the duration of the reconciliation, instead of being - created and destroyed for each (step of a) Helm action. \n This - can improve performance, but may cause issues with some Helm charts - that for example do create Custom Resource Definitions during installation - outside Helm's CRD lifecycle hooks, which are then not observed - to be available by e.g. post-install hooks. \n If not set, it defaults - to true." 
- type: boolean - postRenderers: - description: PostRenderers holds an array of Helm PostRenderers, which - will be applied in order of their definition. - items: - description: PostRenderer contains a Helm PostRenderer specification. + type: array + install: + description: Install holds the configuration for Helm install actions for this HelmRelease. properties: - kustomize: - description: Kustomization to apply as PostRenderer. + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Create` and if omitted CRDs are installed but not updated. \n Skip: do neither install nor replace (update) any CRDs. \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are applied (installed) during Helm install action. With this option users can opt-in to CRD replace existing CRDs on Helm install actions, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: CreateNamespace tells the Helm install action to create the HelmReleaseSpec.TargetNamespace if it does not exist yet. On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the Helm install action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm install action from validating rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to be ready after a Helm install has been performed. 
+ type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete after a Helm install has been performed. + type: boolean + remediation: + description: Remediation holds the remediation configuration for when the Helm install action for the HelmRelease fails. The default is to not perform any action. properties: - images: - description: Images is a list of (image name, new name, - new tag or digest) for changing image names, tags or digests. - This can also be achieved with a patch, but this operator - is simpler to specify. - items: - description: Image contains an image name, a new name, - a new tag or digest, which will replace the original - name and tag. - properties: - digest: - description: Digest is the value used to replace the - original image tag. If digest is present NewTag - value is ignored. - type: string - name: - description: Name is a tag-less image name. - type: string - newName: - description: NewName is the value used to replace - the original name. - type: string - newTag: - description: NewTag is the value used to replace the - original tag. - type: string - required: - - name - type: object - type: array - patches: - description: Strategic merge and JSON patches, defined as - inline YAML objects, capable of targeting objects based - on kind, label and annotation selectors. - items: - description: Patch contains an inline StrategicMerge or - JSON6902 patch, and the target the patch should be applied - to. - properties: - patch: - description: Patch contains an inline StrategicMerge - patch or an inline JSON6902 patch with an array - of operation objects. - type: string - target: - description: Target points to the resources that the - patch document should be applied to. 
- properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - type: object - type: array - patchesJson6902: - description: JSON 6902 patches, defined as inline YAML objects. - items: - description: JSON6902Patch contains a JSON6902 patch and - the target the patch should be applied to. - properties: - patch: - description: Patch contains the JSON6902 patch document - with an array of operation objects. 
- items: - description: JSON6902 is a JSON6902 operation object. - https://datatracker.ietf.org/doc/html/rfc6902#section-4 + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run after an install action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to remediate the last failure, when no retries remain. Defaults to 'false'. + type: boolean + retries: + description: Retries is the number of retries that should be attempted on failures before bailing. Remediation, using an uninstall, is performed between each attempt. Defaults to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: Replace tells the Helm install action to re-use the 'ReleaseName', but only if that name is a deleted release which remains in the history. + type: boolean + skipCRDs: + description: "SkipCRDs tells the Helm install action to not install any CRDs. By default, CRDs are installed if not already present. \n Deprecated use CRD policy (`crds`) attribute with value `Skip` instead." + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: KubeConfig for reconciling the HelmRelease on a remote cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, forces the controller to act on behalf of that Service Account at the target cluster. 
If the --default-service-account flag is set, its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName is empty. + properties: + secretRef: + description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the value. If no key is set, the key will default to 'value'. It is recommended that the kubeconfig is self-contained, and the secret is regularly updated if credentials such as a cloud-access-token expire. Cloud specific `cmd-path` auth helpers will not function without adding binaries and credentials to the Pod that is responsible for reconciling Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: MaxHistory is the number of revisions saved by Helm for this HelmRelease. Use '0' for an unlimited number of revisions; defaults to '10'. + type: integer + persistentClient: + description: "PersistentClient tells the controller to use a persistent Kubernetes client for this release. When enabled, the client will be reused for the duration of the reconciliation, instead of being created and destroyed for each (step of a) Helm action. \n This can improve performance, but may cause issues with some Helm charts that for example do create Custom Resource Definitions during installation outside Helm's CRD lifecycle hooks, which are then not observed to be available by e.g. post-install hooks. \n If not set, it defaults to true." + type: boolean + postRenderers: + description: PostRenderers holds an array of Helm PostRenderers, which will be applied in order of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. 
+ properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: Images is a list of (image name, new name, new tag or digest) for changing image names, tags or digests. This can also be achieved with a patch, but this operator is simpler to specify. + items: + description: Image contains an image name, a new name, a new tag or digest, which will replace the original name and tag. + properties: + digest: + description: Digest is the value used to replace the original image tag. If digest is present NewTag value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace the original name. + type: string + newTag: + description: NewTag is the value used to replace the original tag. + type: string + required: + - name + type: object + type: array + patches: + description: Strategic merge and JSON patches, defined as inline YAML objects, capable of targeting objects based on kind, label and annotation selectors. + items: + description: Patch contains an inline StrategicMerge or JSON6902 patch, and the target the patch should be applied to. + properties: + patch: + description: Patch contains an inline StrategicMerge patch or an inline JSON6902 patch with an array of operation objects. + type: string + target: + description: Target points to the resources that the patch document should be applied to. properties: - from: - description: From contains a JSON-pointer value - that references a location within the target - document where the operation is performed. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. + annotationSelector: + description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. 
+ type: string + group: + description: Group is the API group to select resources from. Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. Together with Group and Version it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string - op: - description: Op indicates the operation to perform. - Its value MUST be one of "add", "remove", - "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 - enum: - - test - - remove - - add - - replace - - move - - copy + labelSelector: + description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. type: string - path: - description: Path contains the JSON-pointer - value that references a location within the - target document where the operation is performed. - The meaning of the value depends on the value - of Op. + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources from. Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md type: string - value: - description: Value contains a valid JSON structure. - The meaning of the value depends on the value - of Op, and is NOT taken into account by all - operations. 
- x-kubernetes-preserve-unknown-fields: true - required: - - op - - path type: object - type: array - target: - description: Target points to the resources that the - patch document should be applied to. - properties: - annotationSelector: - description: AnnotationSelector is a string that - follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource annotations. - type: string - group: - description: Group is the API group to select - resources from. Together with Version and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - kind: - description: Kind of the API Group to select resources - from. Together with Group and Version it is - capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - labelSelector: - description: LabelSelector is a string that follows - the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api - It matches with the resource labels. - type: string - name: - description: Name to match resources with. - type: string - namespace: - description: Namespace to select resources from. - type: string - version: - description: Version of the API Group to select - resources from. Together with Group and Kind - it is capable of unambiguously identifying and/or - selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md - type: string - type: object - required: - - patch - - target - type: object - type: array - patchesStrategicMerge: - description: Strategic merge patches, defined as inline - YAML objects. 
- items: - x-kubernetes-preserve-unknown-fields: true - type: array - type: object - type: object - type: array - releaseName: - description: ReleaseName used for the Helm release. Defaults to a - composition of '[TargetNamespace-]Name'. - maxLength: 53 - minLength: 1 - type: string - rollback: - description: Rollback holds the configuration for Helm rollback actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm rollback action when it fails. - type: boolean - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm rollback has been performed. - type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm rollback has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - recreate: - description: Recreate performs pod restarts for the resource if - applicable. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - serviceAccountName: - description: The name of the Kubernetes service account to impersonate - when reconciling this HelmRelease. - type: string - storageNamespace: - description: StorageNamespace used for the Helm storage. Defaults - to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - suspend: - description: Suspend tells the controller to suspend reconciliation - for this HelmRelease, it does not apply to already started reconciliations. - Defaults to false. 
- type: boolean - targetNamespace: - description: TargetNamespace to target when performing operations - for the HelmRelease. Defaults to the namespace of the HelmRelease. - maxLength: 63 - minLength: 1 - type: string - test: - description: Test holds the configuration for Helm test actions for - this HelmRelease. - properties: - enable: - description: Enable enables Helm test actions for this HelmRelease - after an Helm install or upgrade action has been performed. - type: boolean - ignoreFailures: - description: IgnoreFailures tells the controller to skip remediation - when the Helm tests are run but fail. Can be overwritten for - tests run after install or upgrade actions in 'Install.IgnoreTestFailures' - and 'Upgrade.IgnoreTestFailures'. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation during the performance of a Helm test action. Defaults - to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a Helm - action. Defaults to '5m0s'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - uninstall: - description: Uninstall holds the configuration for Helm uninstall - actions for this HelmRelease. - properties: - deletionPropagation: - default: background - description: DeletionPropagation specifies the deletion propagation - policy when a Helm uninstall is performed. - enum: - - background - - foreground - - orphan - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm rollback action. - type: boolean - disableWait: - description: DisableWait disables waiting for all the resources - to be deleted after a Helm uninstall is performed. 
- type: boolean - keepHistory: - description: KeepHistory tells Helm to remove all associated resources - and mark the release as deleted, but retain the release history. - type: boolean - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - upgrade: - description: Upgrade holds the configuration for Helm upgrade actions - for this HelmRelease. - properties: - cleanupOnFail: - description: CleanupOnFail allows deletion of new resources created - during the Helm upgrade action when it fails. - type: boolean - crds: - description: "CRDs upgrade CRDs from the Helm Chart's crds directory - according to the CRD upgrade policy provided here. Valid values - are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and - if omitted CRDs are neither installed nor upgraded. \n Skip: - do neither install nor replace (update) any CRDs. \n Create: - new CRDs are created, existing CRDs are neither updated nor - deleted. \n CreateReplace: new CRDs are created, existing CRDs - are updated (replaced) but not deleted. \n By default, CRDs - are not applied during Helm upgrade action. With this option - users can opt-in to CRD upgrade, which is not (yet) natively - supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." - enum: - - Skip - - Create - - CreateReplace - type: string - disableHooks: - description: DisableHooks prevents hooks from running during the - Helm upgrade action. - type: boolean - disableOpenAPIValidation: - description: DisableOpenAPIValidation prevents the Helm upgrade - action from validating rendered templates against the Kubernetes - OpenAPI Schema. - type: boolean - disableWait: - description: DisableWait disables the waiting for resources to - be ready after a Helm upgrade has been performed. 
- type: boolean - disableWaitForJobs: - description: DisableWaitForJobs disables waiting for jobs to complete - after a Helm upgrade has been performed. - type: boolean - force: - description: Force forces resource updates through a replacement - strategy. - type: boolean - preserveValues: - description: PreserveValues will make Helm reuse the last release's - values and merge in overrides from 'Values'. Setting this flag - makes the HelmRelease non-declarative. - type: boolean - remediation: - description: Remediation holds the remediation configuration for - when the Helm upgrade action for the HelmRelease fails. The - default is to not perform any action. - properties: - ignoreTestFailures: - description: IgnoreTestFailures tells the controller to skip - remediation when the Helm tests are run after an upgrade - action but fail. Defaults to 'Test.IgnoreFailures'. - type: boolean - remediateLastFailure: - description: RemediateLastFailure tells the controller to - remediate the last failure, when no retries remain. Defaults - to 'false' unless 'Retries' is greater than 0. - type: boolean - retries: - description: Retries is the number of retries that should - be attempted on failures before bailing. Remediation, using - 'Strategy', is performed between each attempt. Defaults - to '0', a negative integer equals to unlimited retries. - type: integer - strategy: - description: Strategy to use for failure remediation. Defaults - to 'rollback'. - enum: - - rollback - - uninstall - type: string + required: + - patch + type: object + type: array + patchesJson6902: + description: JSON 6902 patches, defined as inline YAML objects. + items: + description: JSON6902Patch contains a JSON6902 patch and the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document with an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. 
https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value that references a location within the target document where the operation is performed. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + type: string + op: + description: Op indicates the operation to perform. Its value MUST be one of "add", "remove", "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer value that references a location within the target document where the operation is performed. The meaning of the value depends on the value of Op. + type: string + value: + description: Value contains a valid JSON structure. The meaning of the value depends on the value of Op, and is NOT taken into account by all operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources from. Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources from. Together with Group and Version it is capable of unambiguously identifying and/or selecting resources. 
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources from. Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: Strategic merge patches, defined as inline YAML objects. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object type: object - timeout: - description: Timeout is the time to wait for any individual Kubernetes - operation (like Jobs for hooks) during the performance of a - Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - type: object - values: - description: Values holds the values for this Helm release. - x-kubernetes-preserve-unknown-fields: true - valuesFrom: - description: ValuesFrom holds references to resources containing Helm - values for this HelmRelease, and information about how they should - be merged. - items: - description: ValuesReference contains a reference to a resource - containing Helm values, and optionally the key they can be found - at. + type: array + releaseName: + description: ReleaseName used for the Helm release. Defaults to a composition of '[TargetNamespace-]Name'. 
+ maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions for this HelmRelease. properties: - kind: - description: Kind of the values referent, valid values are ('Secret', - 'ConfigMap'). - enum: - - Secret - - ConfigMap + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created during the Helm rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to be ready after a Helm rollback has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete after a Helm rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if applicable. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string - name: - description: Name of the values referent. Should reside in the - same namespace as the referring resource. - maxLength: 253 - minLength: 1 - type: string - optional: - description: Optional marks this ValuesReference as optional. - When set, a not found error for the values reference is ignored, - but any ValuesKey, TargetPath or transient error will still - result in a reconciliation failure. + type: object + serviceAccountName: + description: The name of the Kubernetes service account to impersonate when reconciling this HelmRelease. + type: string + storageNamespace: + description: StorageNamespace used for the Helm storage. 
Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: Suspend tells the controller to suspend reconciliation for this HelmRelease, it does not apply to already started reconciliations. Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace to target when performing operations for the HelmRelease. Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for this HelmRelease. + properties: + enable: + description: Enable enables Helm test actions for this HelmRelease after an Helm install or upgrade action has been performed. + type: boolean + ignoreFailures: + description: IgnoreFailures tells the controller to skip remediation when the Helm tests are run but fail. Can be overwritten for tests run after install or upgrade actions in 'Install.IgnoreTestFailures' and 'Upgrade.IgnoreTestFailures'. type: boolean - targetPath: - description: TargetPath is the YAML dot notation path the value - should be merged at. When set, the ValuesKey is expected to - be a single flat value. Defaults to 'None', which results - in the values getting merged at the root. - maxLength: 250 - pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ - type: string - valuesKey: - description: ValuesKey is the data key where the values.yaml - or a specific value can be found at. Defaults to 'values.yaml'. - When set, must be a valid Data Key, consisting of alphanumeric - characters, '-', '_' or '.'. - maxLength: 253 - pattern: ^[\-._a-zA-Z0-9]+$ + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation during the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. 
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string - required: - - kind - - name type: object - type: array - required: - - chart - - interval - type: object - status: - default: - observedGeneration: -1 - description: HelmReleaseStatus defines the observed state of a HelmRelease. - properties: - conditions: - description: Conditions holds the conditions for the HelmRelease. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall actions for this HelmRelease. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + deletionPropagation: + default: background + description: DeletionPropagation specifies the deletion propagation policy when a Helm uninstall is performed. 
+ enum: + - background + - foreground + - orphan type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + disableHooks: + description: DisableHooks prevents hooks from running during the Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables waiting for all the resources to be deleted after a Helm uninstall is performed. + type: boolean + keepHistory: + description: KeepHistory tells Helm to remove all associated resources and mark the release as deleted, but retain the release history. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions for this HelmRelease. 
+ properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created during the Helm upgrade action when it fails. + type: boolean + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory according to the CRD upgrade policy provided here. Valid values are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and if omitted CRDs are neither installed nor upgraded. \n Skip: do neither install nor replace (update) any CRDs. \n Create: new CRDs are created, existing CRDs are neither updated nor deleted. \n CreateReplace: new CRDs are created, existing CRDs are updated (replaced) but not deleted. \n By default, CRDs are not applied during Helm upgrade action. With this option users can opt-in to CRD upgrade, which is not (yet) natively supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm upgrade action from validating rendered templates against the Kubernetes OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to be ready after a Helm upgrade has been performed. 
+ type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete after a Helm upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement strategy. + type: boolean + preserveValues: + description: PreserveValues will make Helm reuse the last release's values and merge in overrides from 'Values'. Setting this flag makes the HelmRelease non-declarative. + type: boolean + remediation: + description: Remediation holds the remediation configuration for when the Helm upgrade action for the HelmRelease fails. The default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip remediation when the Helm tests are run after an upgrade action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to remediate the last failure, when no retries remain. Defaults to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: Retries is the number of retries that should be attempted on failures before bailing. Remediation, using 'Strategy', is performed between each attempt. Defaults to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - failures: - description: Failures is the reconciliation failure count against - the latest desired state. 
It is reset after a successful reconciliation. - format: int64 - type: integer - helmChart: - description: HelmChart is the namespaced name of the HelmChart resource - created by the controller for the HelmRelease. - type: string - installFailures: - description: InstallFailures is the install failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - lastAppliedRevision: - description: LastAppliedRevision is the revision of the last successfully - applied source. - type: string - lastAttemptedRevision: - description: LastAttemptedRevision is the revision of the last reconciliation - attempt. - type: string - lastAttemptedValuesChecksum: - description: LastAttemptedValuesChecksum is the SHA1 checksum of the - values of the last reconciliation attempt. - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - lastReleaseRevision: - description: LastReleaseRevision is the revision of the last successful - Helm release. - type: integer - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - upgradeFailures: - description: UpgradeFailures is the upgrade failure count against - the latest desired state. It is reset after a successful reconciliation. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: ValuesFrom holds references to resources containing Helm values for this HelmRelease, and information about how they should be merged. 
+ items: + description: ValuesReference contains a reference to a resource containing Helm values, and optionally the key they can be found at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside in the same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: Optional marks this ValuesReference as optional. When set, a not found error for the values reference is ignored, but any ValuesKey, TargetPath or transient error will still result in a reconciliation failure. + type: boolean + targetPath: + description: TargetPath is the YAML dot notation path the value should be merged at. When set, the ValuesKey is expected to be a single flat value. Defaults to 'None', which results in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: ValuesKey is the data key where the values.yaml or a specific value can be found at. Defaults to 'values.yaml'. When set, must be a valid Data Key, consisting of alphanumeric characters, '-', '_' or '.'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - chart + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: Failures is the reconciliation failure count against the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the HelmRelease. + type: string + installFailures: + description: InstallFailures is the install failure count against the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: LastAppliedRevision is the revision of the last successfully applied source. + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the revision of the last reconciliation attempt. + type: string + lastAttemptedValuesChecksum: + description: LastAttemptedValuesChecksum is the SHA1 checksum of the values of the last reconciliation attempt. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + lastReleaseRevision: + description: LastReleaseRevision is the revision of the last successful Helm release. + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. 
+ format: int64 + type: integer + upgradeFailures: + description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} --- # Source: flux2/templates/source-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 
@@ -948,501 +674,388 @@ spec: singular: bucket scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec defines the desired state of an S3 compatible - bucket - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. 
- A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: The bucket name. - type: string - endpoint: - description: The bucket endpoint address. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. - type: boolean - interval: - description: The interval at which to check for bucket updates. - type: string - provider: - default: generic - description: The S3 compatible storage provider name, default ('generic'). - enum: - - generic - - aws - - gcp - type: string - region: - description: The bucket region. - type: string - secretRef: - description: The name of the secret containing authentication credentials - for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for download operations, defaults to 60s. - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus defines the observed state of a bucket - properties: - artifact: - description: Artifact represents the output of the last successful - Bucket sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. 
- type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Bucket is the Schema for the buckets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BucketSpec defines the desired state of an S3 compatible bucket + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + bucketName: + description: The bucket name. + type: string + endpoint: + description: The bucket endpoint address. 
+ type: string + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS S3 HTTP endpoint. + type: boolean + interval: + description: The interval at which to check for bucket updates. + type: string + provider: + default: generic + description: The S3 compatible storage provider name, default ('generic'). + enum: + - generic + - aws + - gcp + type: string + region: + description: The bucket region. + type: string + secretRef: + description: The name of the secret containing authentication credentials for the Bucket. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation of this source. + type: boolean + timeout: + default: 60s + description: The timeout for download operations, defaults to 60s. + type: string + required: + - bucketName + - endpoint + - interval + type: object + status: + default: + observedGeneration: -1 + description: BucketStatus defines the observed state of a bucket + properties: + artifact: + description: Artifact represents the output of the last successful Bucket sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. 
For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. 
type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - path + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last Bucket sync. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.endpoint - name: Endpoint - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: Bucket is the Schema for the buckets API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BucketSpec specifies the required configuration to produce - an Artifact for an object storage bucket. 
- properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - bucketName: - description: BucketName is the name of the object storage bucket. - type: string - endpoint: - description: Endpoint is the object storage address the BucketName - is located at. - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP Endpoint. - type: boolean - interval: - description: Interval at which to check the Endpoint for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - provider: - default: generic - description: Provider of the object storage bucket. Defaults to 'generic', - which expects an S3 (API) compatible object storage. 
- enum: - - generic - - aws - - gcp - - azure - type: string - region: - description: Region of the Endpoint where the BucketName is located - in. - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the Bucket. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this Bucket. - type: boolean - timeout: - default: 60s - description: Timeout for fetch operations, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - required: - - bucketName - - endpoint - - interval - type: object - status: - default: - observedGeneration: -1 - description: BucketStatus records the observed state of a Bucket. - properties: - artifact: - description: Artifact represents the last successful Bucket reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. + conditions: + description: Conditions holds the conditions for the Bucket. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the Bucket. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. 
// Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the artifact output of the last Bucket sync. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.endpoint + name: Endpoint + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: Bucket is the Schema for the buckets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BucketSpec specifies the required configuration to produce an Artifact for an object storage bucket. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + bucketName: + description: BucketName is the name of the object storage bucket. + type: string + endpoint: + description: Endpoint is the object storage address the BucketName is located at. + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). 
If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP Endpoint. + type: boolean + interval: + description: Interval at which to check the Endpoint for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + provider: + default: generic + description: Provider of the object storage bucket. Defaults to 'generic', which expects an S3 (API) compatible object storage. + enum: + - generic + - aws + - gcp + - azure + type: string + region: + description: Region of the Endpoint where the BucketName is located in. + type: string + secretRef: + description: SecretRef specifies the Secret containing authentication credentials for the Bucket. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation of this Bucket. + type: boolean + timeout: + default: 60s + description: Timeout for fetch operations, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + required: + - bucketName + - endpoint + - interval + type: object + status: + default: + observedGeneration: -1 + description: BucketStatus records the observed state of a Bucket. + properties: + artifact: + description: Artifact represents the last successful Bucket reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastUpdateTime + - path + - revision + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the Bucket object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + conditions: + description: Conditions holds the conditions for the Bucket. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of the Bucket object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + type: string + url: + description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} --- # Source: flux2/templates/source-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 
@@ -1463,1167 +1076,892 @@ spec: listKind: GitRepositoryList plural: gitrepositories shortNames: - - gitrepo + - gitrepo singular: gitrepository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec specifies the required configuration to - produce an Artifact for a Git repository. - properties: - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Include specifies a list of GitRepository resources which - Artifacts should be included in the Artifact produced for this GitRepository. 
- items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules - within the GitRepository as cloned from the URL, using their default - settings. - type: boolean - ref: - description: Reference specifies the Git reference to resolve and - monitor for changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: "Commit SHA to check out, takes precedence over all - reference fields. \n This can be combined with Branch to shallow - clone the branch, in which the commit is expected to exist." - type: string - name: - description: "Name of the reference to check out; takes precedence - over Branch, Tag and SemVer. \n It must be a valid Git reference: - https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", - \"refs/merge-requests/1/head\"" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. 
- type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields for basic auth or - 'bearerToken' field for token auth. For SSH repositories the Secret - must contain 'identity' and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verification specifies the configuration to verify the - Git commit signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: SecretRef specifies the Secret containing the public - keys of trusted Git authors. + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. 
Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + properties: + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + include: + description: Include specifies a list of GitRepository resources which Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed. properties: - name: - description: Name of the referent. + fromPath: + description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. 
type: string required: - - name + - repository type: object - required: - - mode - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: + type: array + interval: + description: Interval at which to check the GitRepository for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned from the URL, using their default settings. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: Branch to check out, defaults to 'master' if no other field is defined. type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. 
- format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + commit: + description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined with Branch to shallow clone the branch, in which the commit is expected to exist." + type: string + name: + description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + type: string + semver: + description: SemVer tag expression to check out, takes precedence over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. 
For HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + name: + description: Name of the referent. type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to 60s. 
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verification specifies the configuration to verify the Git commit signature(s). + properties: + mode: + description: Mode specifies what Git object should be verified, currently ('head'). enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - head type: string + secretRef: + description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object required: - - lastTransitionTime - - message - - reason - - status - - type + - mode + - secretRef type: object - type: array - includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully - included Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository reconciliation. properties: digest: - description: Digest is the digest of the file in the form of - ':'. 
+ description: Digest is the digest of the file in the form of ':'. pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI - annotations. + description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. - It can be used to locate the file in the root of the Artifact - storage on the local file system of the controller managing - the Source. + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. 
type: string required: - - lastUpdateTime - - path - - revision - - url + - lastUpdateTime + - path + - revision + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the GitRepository object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedInclude: - description: ObservedInclude is the observed list of GitRepository - resources used to produce the current Artifact. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. 
- type: boolean - type: object - type: object - served: true - storage: true - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 - name: v1beta1 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec defines the desired state of a Git repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. 
- properties: - matchLabels: - additionalProperties: + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of the GitRepository object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository resources used to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. 
+ type: string + repository: + description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + properties: + name: + description: Name of the referent. type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: Determines which git client library to use. Defaults - to go-git, valid values are ('go-git', 'libgit2'). - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Extra git repositories to map into the repository - items: - description: GitRepositoryInclude defines a source with a from and - to path. + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the current Artifact. 
+ type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + deprecationWarning: v1beta1 GitRepository is deprecated, upgrade to v1 + name: v1beta1 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec defines the desired state of a Git repository. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. properties: - fromPath: - description: The path to copy contents from, defaults to the - root directory. - type: string - repository: - description: Reference to a GitRepository to include. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: The path to copy contents to, defaults to the name - of the source ref. 
- type: string + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array required: - - repository + - namespaceSelectors type: object - type: array - interval: - description: The interval at which to check for repository updates. - type: string - recurseSubmodules: - description: When enabled, after the clone is created, initializes - all submodules within, using their default settings. This option - is available only when using the 'go-git' GitImplementation. - type: boolean - ref: - description: The Git reference to checkout and monitor for changes, - defaults to master branch. - properties: - branch: - description: The Git branch to checkout, defaults to master. - type: string - commit: - description: The Git commit SHA to checkout, if specified Tag - filters will be ignored. - type: string - semver: - description: The Git tag semver expression, takes precedence over - Tag. - type: string - tag: - description: The Git tag to checkout, takes precedence over Branch. - type: string - type: object - secretRef: - description: The secret name containing the Git credentials. For HTTPS - repositories the secret must contain username and password fields. - For SSH repositories the secret must contain identity and known_hosts - fields. - properties: - name: - description: Name of the referent. 
- type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote Git operations like cloning, defaults - to 60s. - type: string - url: - description: The repository URL, can be a HTTP/S or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verify OpenPGP signature for the Git commit HEAD points - to. - properties: - mode: - description: Mode describes what git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: The secret name containing the public keys of all - trusted Git authors. + gitImplementation: + default: go-git + description: Determines which git client library to use. Defaults to go-git, valid values are ('go-git', 'libgit2'). + enum: + - go-git + - libgit2 + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + include: + description: Extra git repositories to map into the repository + items: + description: GitRepositoryInclude defines a source with a from and to path. properties: - name: - description: Name of the referent. + fromPath: + description: The path to copy contents from, defaults to the root directory. type: string - required: - - name - type: object - required: - - mode - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus defines the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. 
- type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + repository: + description: Reference to a GitRepository to include. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: The path to copy contents to, defaults to the name of the source ref. + type: string + required: + - repository + type: object + type: array + interval: + description: The interval at which to check for repository updates. + type: string + recurseSubmodules: + description: When enabled, after the clone is created, initializes all submodules within, using their default settings. This option is available only when using the 'go-git' GitImplementation. 
+ type: boolean + ref: + description: The Git reference to checkout and monitor for changes, defaults to master branch. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + branch: + description: The Git branch to checkout, defaults to master. type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + commit: + description: The Git commit SHA to checkout, if specified Tag filters will be ignored. + type: string + semver: + description: The Git tag semver expression, takes precedence over Tag. + type: string + tag: + description: The Git tag to checkout, takes precedence over Branch. + type: string + type: object + secretRef: + description: The secret name containing the Git credentials. 
For HTTPS repositories the secret must contain username and password fields. For SSH repositories the secret must contain identity and known_hosts fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote Git operations like cloning, defaults to 60s. + type: string + url: + description: The repository URL, can be a HTTP/S or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verify OpenPGP signature for the Git commit HEAD points to. + properties: + mode: + description: Mode describes what git object should be verified, currently ('head'). enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - head type: string + secretRef: + description: The secret name containing the public keys of all trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object required: - - lastTransitionTime - - message - - reason - - status - - type + - mode type: object - type: array - includedArtifacts: - description: IncludedArtifacts represents the included artifacts from - the last successful repository sync. - items: - description: Artifact represents the output of a source synchronisation. 
+ required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus defines the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the output of the last successful repository sync. properties: checksum: description: Checksum is the SHA256 checksum of the artifact. type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. + description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. format: date-time type: string path: description: Path is the relative file path of this artifact. type: string revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. + description: Revision is a human readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. type: string url: description: URL is the HTTP address of this artifact. type: string required: - - path - - url + - path + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the artifact output of the - last repository sync. 
- type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - deprecated: true - deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 - name: v1beta2 - schema: - openAPIV3Schema: - description: GitRepository is the Schema for the gitrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: GitRepositorySpec specifies the required configuration to - produce an Artifact for a Git repository. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. 
- items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - gitImplementation: - default: go-git - description: 'GitImplementation specifies which Git client library - implementation to use. Defaults to ''go-git'', valid values are - (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated - now that ''go-git'' is the only supported implementation.' - enum: - - go-git - - libgit2 - type: string - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - include: - description: Include specifies a list of GitRepository resources which - Artifacts should be included in the Artifact produced for this GitRepository. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts represents the included artifacts from the last successful repository sync. + items: + description: Artifact represents the output of a source synchronisation. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the artifact output of the last repository sync. 
+ type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + deprecated: true + deprecationWarning: v1beta2 GitRepository is deprecated, upgrade to v1 + name: v1beta2 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to produce an Artifact for a Git repository. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. 
- properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. - type: string + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array required: - - repository + - namespaceSelectors type: object - type: array - interval: - description: Interval at which to check the GitRepository for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - recurseSubmodules: - description: RecurseSubmodules enables the initialization of all submodules - within the GitRepository as cloned from the URL, using their default - settings. - type: boolean - ref: - description: Reference specifies the Git reference to resolve and - monitor for changes, defaults to the 'master' branch. - properties: - branch: - description: Branch to check out, defaults to 'master' if no other - field is defined. - type: string - commit: - description: "Commit SHA to check out, takes precedence over all - reference fields. \n This can be combined with Branch to shallow - clone the branch, in which the commit is expected to exist." - type: string - name: - description: "Name of the reference to check out; takes precedence - over Branch, Tag and SemVer. 
\n It must be a valid Git reference: - https://git-scm.com/docs/git-check-ref-format#_description Examples: - \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", - \"refs/merge-requests/1/head\"" - type: string - semver: - description: SemVer tag expression to check out, takes precedence - over Tag. - type: string - tag: - description: Tag to check out, takes precedence over Branch. - type: string - type: object - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the GitRepository. For HTTPS repositories the Secret - must contain 'username' and 'password' fields for basic auth or - 'bearerToken' field for token auth. For SSH repositories the Secret - must contain 'identity' and 'known_hosts' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this GitRepository. - type: boolean - timeout: - default: 60s - description: Timeout for Git operations like cloning, defaults to - 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL specifies the Git repository URL, it can be an HTTP/S - or SSH address. - pattern: ^(http|https|ssh)://.*$ - type: string - verify: - description: Verification specifies the configuration to verify the - Git commit signature(s). - properties: - mode: - description: Mode specifies what Git object should be verified, - currently ('head'). - enum: - - head - type: string - secretRef: - description: SecretRef specifies the Secret containing the public - keys of trusted Git authors. + gitImplementation: + default: go-git + description: 'GitImplementation specifies which Git client library implementation to use. Defaults to ''go-git'', valid values are (''go-git'', ''libgit2''). Deprecated: gitImplementation is deprecated now that ''go-git'' is the only supported implementation.' 
+ enum: + - go-git + - libgit2 + type: string + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + include: + description: Include specifies a list of GitRepository resources which Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed. properties: - name: - description: Name of the referent. + fromPath: + description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. type: string required: - - name + - repository type: object - required: - - mode - - secretRef - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: GitRepositoryStatus records the observed state of a Git repository. - properties: - artifact: - description: Artifact represents the last successful GitRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. 
- format: date-time - type: string - metadata: - additionalProperties: + type: array + interval: + description: Interval at which to check the GitRepository for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules within the GitRepository as cloned from the URL, using their default settings. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: Branch to check out, defaults to 'master' if no other field is defined. type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the GitRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. 
// Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + commit: + description: "Commit SHA to check out, takes precedence over all reference fields. \n This can be combined with Branch to shallow clone the branch, in which the commit is expected to exist." + type: string + name: + description: "Name of the reference to check out; takes precedence over Branch, Tag and SemVer. \n It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description Examples: \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", \"refs/merge-requests/1/head\"" + type: string + semver: + description: SemVer tag expression to check out, takes precedence over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For HTTPS repositories the Secret must contain 'username' and 'password' fields for basic auth or 'bearerToken' field for token auth. For SSH repositories the Secret must contain 'identity' and 'known_hosts' fields. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + name: + description: Name of the referent. type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verification specifies the configuration to verify the Git commit signature(s). + properties: + mode: + description: Mode specifies what Git object should be verified, currently ('head'). enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - head type: string + secretRef: + description: SecretRef specifies the Secret containing the public keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object required: - - lastTransitionTime - - message - - reason - - status - - type + - mode + - secretRef type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.recurseSubmodules - .spec.included and the checksum of the - included artifacts observed in .status.observedGeneration version - of the object. This can be used to determine if the content of the - included repository has changed. It has the format of `:`, - for example: `sha256:`. \n Deprecated: Replaced with explicit - fields for observed artifact content config in the status." - type: string - includedArtifacts: - description: IncludedArtifacts contains a list of the last successfully - included Artifacts as instructed by GitRepositorySpec.Include. - items: - description: Artifact represents the output of a Source reconciliation. + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository reconciliation. properties: digest: - description: Digest is the digest of the file in the form of - ':'. + description: Digest is the digest of the file in the form of ':'. 
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ type: string lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string metadata: additionalProperties: type: string - description: Metadata holds upstream information such as OCI - annotations. + description: Metadata holds upstream information such as OCI annotations. type: object path: - description: Path is the relative file path of the Artifact. - It can be used to locate the file in the root of the Artifact - storage on the local file system of the controller managing - the Source. + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. type: string revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. type: string size: description: Size is the number of bytes in the file. format: int64 type: integer url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. 
type: string required: - - lastUpdateTime - - path - - revision - - url + - lastUpdateTime + - path + - revision + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the GitRepository object. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedInclude: - description: ObservedInclude is the observed list of GitRepository - resources used to to produce the current Artifact. - items: - description: GitRepositoryInclude specifies a local reference to - a GitRepository which Artifact (sub-)contents must be included, - and where they should be placed. - properties: - fromPath: - description: FromPath specifies the path to copy contents from, - defaults to the root of the Artifact. - type: string - repository: - description: GitRepositoryRef specifies the GitRepository which - Artifact contents must be included. - properties: - name: - description: Name of the referent. + conditions: + description: Conditions holds the conditions for the GitRepository. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included artifacts observed in .status.observedGeneration version of the object. This can be used to determine if the content of the included repository has changed. It has the format of `:`, for example: `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in the status." + type: string + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: type: string - required: - - name - type: object - toPath: - description: ToPath specifies the path to copy contents to, - defaults to the name of the GitRepositoryRef. 
- type: string - required: - - repository - type: object - type: array - observedRecurseSubmodules: - description: ObservedRecurseSubmodules is the observed resource submodules - configuration used to produce the current Artifact. - type: boolean - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of the GitRepository object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. 
+ type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository resources used to to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to a GitRepository which Artifact (sub-)contents must be included, and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules configuration used to produce the current Artifact. + type: boolean + url: + description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} --- # Source: flux2/templates/source-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 
@@ -2644,582 +1982,444 @@ spec: listKind: HelmChartList plural: helmcharts shortNames: - - hc + - hc singular: helmchart scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec defines the desired state of a Helm chart. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. 
- items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: The name or path the Helm chart is available at in the - SourceRef. - type: string - interval: - description: The interval at which to check the Source for updates. - type: string - reconcileStrategy: - default: ChartVersion - description: Determines what enables the creation of a new artifact. - Valid values are ('ChartVersion', 'Revision'). See the documentation - of the values for an explanation on their behavior. Defaults to - ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: The reference to the Source the chart is available at. - properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: Alternative values file to use as the default chart values, - expected to be a relative path in the SourceRef. Deprecated in favor - of ValuesFiles, for backwards compatibility the file defined here - is merged before the ValuesFiles items. 
Ignored when omitted. - type: string - valuesFiles: - description: Alternative list of values files to use as the chart - values (values.yaml is not included by default), expected to be - a relative path in the SourceRef. Values files are merged in the - order of this list with the last file overriding the first. Ignored - when omitted. - items: - type: string - type: array - version: - default: '*' - description: The chart version semver expression, ignored for charts - from GitRepository and Bucket sources. Defaults to latest when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus defines the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - chart sync. - properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. 
// Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmChartSpec defines the desired state of a Helm chart. + properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. 
properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + chart: + description: The name or path the Helm chart is available at in the SourceRef. + type: string + interval: + description: The interval at which to check the Source for updates. + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The reference to the Source the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. + kind: + description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. 
type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - kind + - name type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last chart pulled. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.chart - name: Chart - type: string - - jsonPath: .spec.version - name: Version - type: string - - jsonPath: .spec.sourceRef.kind - name: Source Kind - type: string - - jsonPath: .spec.sourceRef.name - name: Source Name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmChart is the Schema for the helmcharts API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmChartSpec specifies the desired state of a Helm chart. - properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - chart: - description: Chart is the name or path the Helm chart is available - at in the SourceRef. - type: string - interval: - description: Interval is the interval at which to check the Source - for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - reconcileStrategy: - default: ChartVersion - description: ReconcileStrategy determines what enables the creation - of a new artifact. Valid values are ('ChartVersion', 'Revision'). - See the documentation of the values for an explanation on their - behavior. Defaults to ChartVersion when omitted. - enum: - - ChartVersion - - Revision - type: string - sourceRef: - description: SourceRef is the reference to the Source the chart is - available at. 
- properties: - apiVersion: - description: APIVersion of the referent. - type: string - kind: - description: Kind of the referent, valid values are ('HelmRepository', - 'GitRepository', 'Bucket'). - enum: - - HelmRepository - - GitRepository - - Bucket - type: string - name: - description: Name of the referent. - type: string - required: - - kind - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this source. - type: boolean - valuesFile: - description: ValuesFile is an alternative values file to use as the - default chart values, expected to be a relative path in the SourceRef. - Deprecated in favor of ValuesFiles, for backwards compatibility - the file specified here is merged before the ValuesFiles items. - Ignored when omitted. - type: string - valuesFiles: - description: ValuesFiles is an alternative list of values files to - use as the chart values (values.yaml is not included by default), - expected to be a relative path in the SourceRef. Values files are - merged in the order of this list with the last file overriding the - first. Ignored when omitted. - items: - type: string - type: array - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. This field is only - supported when using HelmRepository source with spec.type 'oci'. - Chart dependencies, which are not bundled in the umbrella chart - artifact, are not verified. - properties: - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. + suspend: + description: This flag tells the controller to suspend the reconciliation of this source. 
+ type: boolean + valuesFile: + description: Alternative values file to use as the default chart values, expected to be a relative path in the SourceRef. Deprecated in favor of ValuesFiles, for backwards compatibility the file defined here is merged before the ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the chart values (values.yaml is not included by default), expected to be a relative path in the SourceRef. Values files are merged in the order of this list with the last file overriding the first. Ignored when omitted. + items: + type: string + type: array + version: + default: '*' + description: The chart version semver expression, ignored for charts from GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus defines the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful chart sync. + properties: + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. + format: date-time + type: string + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. + type: string + required: + - path + - url + type: object + conditions: + description: Conditions holds the conditions for the HelmChart. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. 
--- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: - name: - description: Name of the referent. + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - - name + - lastTransitionTime + - message + - reason + - status + - type type: object - required: - - provider - type: object - version: - default: '*' - description: Version is the chart version semver expression, ignored - for charts from GitRepository and Bucket sources. Defaults to latest - when omitted. - type: string - required: - - chart - - interval - - sourceRef - type: object - status: - default: - observedGeneration: -1 - description: HelmChartStatus records the observed state of the HelmChart. - properties: - artifact: - description: Artifact represents the output of the last successful - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + url: + description: URL is the download link for the last chart pulled. 
+ type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.chart + name: Chart + type: string + - jsonPath: .spec.version + name: Version + type: string + - jsonPath: .spec.sourceRef.kind + name: Source Kind + type: string + - jsonPath: .spec.sourceRef.name + name: Source Name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmChart is the Schema for the helmcharts API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmChartSpec specifies the desired state of a Helm chart. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. 
+ items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + chart: + description: Chart is the name or path the Helm chart is available at in the SourceRef. + type: string + interval: + description: Interval is the interval at which to check the Source for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: ReconcileStrategy determines what enables the creation of a new artifact. Valid values are ('ChartVersion', 'Revision'). See the documentation of the values for an explanation on their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: SourceRef is the reference to the Source the chart is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent, valid values are ('HelmRepository', 'GitRepository', 'Bucket'). + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + type: string + required: + - kind + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation of this source. + type: boolean + valuesFile: + description: ValuesFile is an alternative values file to use as the default chart values, expected to be a relative path in the SourceRef. 
Deprecated in favor of ValuesFiles, for backwards compatibility the file specified here is merged before the ValuesFiles items. Ignored when omitted. + type: string + valuesFiles: + description: ValuesFiles is an alternative list of values files to use as the chart values (values.yaml is not included by default), expected to be a relative path in the SourceRef. Values files are merged in the order of this list with the last file overriding the first. Ignored when omitted. + items: type: string - metadata: - additionalProperties: + type: array + verify: + description: Verify contains the secret name containing the trusted public keys used to verify the signature and specifies which provider to use to check whether OCI image is authentic. This field is only supported when using HelmRepository source with spec.type 'oci'. Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the OCI Artifact. + enum: + - cosign type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. 
- type: string - required: - - lastUpdateTime - - path - - revision - - url - type: object - conditions: - description: Conditions holds the conditions for the HelmChart. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + secretRef: + description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version is the chart version semver expression, ignored for charts from GitRepository and Bucket sources. Defaults to latest when omitted. + type: string + required: + - chart + - interval + - sourceRef + type: object + status: + default: + observedGeneration: -1 + description: HelmChartStatus records the observed state of the HelmChart. + properties: + artifact: + description: Artifact represents the output of the last successful reconciliation. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + digest: + description: Digest is the digest of the file in the form of ':'. 
+ pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastUpdateTime + - path + - revision + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedChartName: - description: ObservedChartName is the last observed chart name as - specified by the resolved chart reference. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmChart object. - format: int64 - type: integer - observedSourceArtifactRevision: - description: ObservedSourceArtifactRevision is the last observed Artifact.Revision - of the HelmChartSpec.SourceRef. - type: string - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + conditions: + description: Conditions holds the conditions for the HelmChart. 
+ items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedChartName: + description: ObservedChartName is the last observed chart name as specified by the resolved chart reference. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of the HelmChart object. + format: int64 + type: integer + observedSourceArtifactRevision: + description: ObservedSourceArtifactRevision is the last observed Artifact.Revision of the HelmChartSpec.SourceRef. + type: string + url: + description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} --- # Source: flux2/templates/source-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 
@@ -3240,491 +2440,367 @@ spec: listKind: HelmRepositoryList plural: helmrepositories shortNames: - - helmrepo + - helmrepo singular: helmrepository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec defines the reference to a Helm repository. - properties: - accessFrom: - description: AccessFrom defines an Access Control List for allowing - cross-namespace references to this object. - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. 
- properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: The interval at which to check the upstream for updates. - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - secretRef: - description: The name of the secret containing authentication credentials - for the Helm repository. For HTTP/S basic auth the secret must contain - username and password fields. For TLS the secret must contain a - certFile and keyFile, and/or caFile fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout of index downloading, defaults to 60s. - type: string - url: - description: The Helm repository URL, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus defines the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the output of the last successful - repository sync. 
- properties: - checksum: - description: Checksum is the SHA256 checksum of the artifact. - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of this artifact. - format: date-time - type: string - path: - description: Path is the relative file path of this artifact. - type: string - revision: - description: Revision is a human readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm index timestamp, a Helm chart version, etc. - type: string - url: - description: URL is the HTTP address of this artifact. - type: string - required: - - path + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec defines the reference to a Helm repository. 
+ properties: + accessFrom: + description: AccessFrom defines an Access Control List for allowing cross-namespace references to this object. + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. + items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: The interval at which to check the upstream for updates. + type: string + passCredentials: + description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the index differ from the defined URL. Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. + type: boolean + secretRef: + description: The name of the secret containing authentication credentials for the Helm repository. For HTTP/S basic auth the secret must contain username and password fields. For TLS the secret must contain a certFile and keyFile, and/or caFile fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: This flag tells the controller to suspend the reconciliation of this source. 
+ type: boolean + timeout: + default: 60s + description: The timeout of index downloading, defaults to 60s. + type: string + url: + description: The Helm repository URL, a valid URL contains at least a protocol and host. + type: string + required: + - interval - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus defines the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the output of the last successful repository sync. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + checksum: + description: Checksum is the SHA256 checksum of the artifact. + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of this artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. 
- maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + path: + description: Path is the relative file path of this artifact. + type: string + revision: + description: Revision is a human readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm index timestamp, a Helm chart version, etc. + type: string + url: + description: URL is the HTTP address of this artifact. 
type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - path + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - url: - description: URL is the download link for the last index fetched. - type: string - type: object - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1beta2 - schema: - openAPIV3Schema: - description: HelmRepository is the Schema for the helmrepositories API. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: HelmRepositorySpec specifies the required configuration to - produce an Artifact for a Helm repository index YAML. 
- properties: - accessFrom: - description: 'AccessFrom specifies an Access Control List for allowing - cross-namespace references to this object. NOTE: Not implemented, - provisional as of https://github.com/fluxcd/flux2/pull/2092' - properties: - namespaceSelectors: - description: NamespaceSelectors is the list of namespace selectors - to which this ACL applies. Items in this list are evaluated - using a logical OR operation. - items: - description: NamespaceSelector selects the namespaces to which - this ACL applies. An empty map of MatchLabels matches all - namespaces in a cluster. - properties: - matchLabels: - additionalProperties: - type: string - description: MatchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is - "key", the operator is "In", and the values array contains - only "value". The requirements are ANDed. - type: object - type: object - type: array - required: - - namespaceSelectors - type: object - interval: - description: Interval at which to check the URL for updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - passCredentials: - description: PassCredentials allows the credentials from the SecretRef - to be passed on to a host that does not match the host as defined - in URL. This may be required if the host of the advertised chart - URLs in the index differ from the defined URL. Enabling this should - be done with caution, as it can potentially result in credentials - getting stolen in a MITM-attack. - type: boolean - provider: - default: generic - description: Provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. This field is optional, and only taken into - account if the .spec.type field is set to 'oci'. When not specified, - defaults to 'generic'. 
- enum: - - generic - - aws - - azure - - gcp - type: string - secretRef: - description: SecretRef specifies the Secret containing authentication - credentials for the HelmRepository. For HTTP/S basic auth the secret - must contain 'username' and 'password' fields. For TLS the secret - must contain a 'certFile' and 'keyFile', and/or 'caFile' fields. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - suspend: - description: Suspend tells the controller to suspend the reconciliation - of this HelmRepository. - type: boolean - timeout: - default: 60s - description: Timeout is used for the index fetch operation for an - HTTPS helm repository, and for remote OCI Repository operations - like pulling for an OCI helm repository. Its default value is 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - type: - description: Type of the HelmRepository. When this field is set to "oci", - the URL field value must be prefixed with "oci://". - enum: - - default - - oci - type: string - url: - description: URL of the Helm repository, a valid URL contains at least - a protocol and host. - type: string - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: HelmRepositoryStatus records the observed state of the HelmRepository. - properties: - artifact: - description: Artifact represents the last successful HelmRepository - reconciliation. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: - type: string - description: Metadata holds upstream information such as OCI annotations. + conditions: + description: Conditions holds the conditions for the HelmRepository. 
+ items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. - type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. 
+ format: int64 + type: integer + url: + description: URL is the download link for the last index fetched. + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1beta2 + schema: + openAPIV3Schema: + description: HelmRepository is the Schema for the helmrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmRepositorySpec specifies the required configuration to produce an Artifact for a Helm repository index YAML. + properties: + accessFrom: + description: 'AccessFrom specifies an Access Control List for allowing cross-namespace references to this object. NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092' + properties: + namespaceSelectors: + description: NamespaceSelectors is the list of namespace selectors to which this ACL applies. Items in this list are evaluated using a logical OR operation. 
+ items: + description: NamespaceSelector selects the namespaces to which this ACL applies. An empty map of MatchLabels matches all namespaces in a cluster. + properties: + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + type: array + required: + - namespaceSelectors + type: object + interval: + description: Interval at which to check the URL for updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + passCredentials: + description: PassCredentials allows the credentials from the SecretRef to be passed on to a host that does not match the host as defined in URL. This may be required if the host of the advertised chart URLs in the index differ from the defined URL. Enabling this should be done with caution, as it can potentially result in credentials getting stolen in a MITM-attack. + type: boolean + provider: + default: generic + description: Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. This field is optional, and only taken into account if the .spec.type field is set to 'oci'. When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + secretRef: + description: SecretRef specifies the Secret containing authentication credentials for the HelmRepository. For HTTP/S basic auth the secret must contain 'username' and 'password' fields. For TLS the secret must contain a 'certFile' and 'keyFile', and/or 'caFile' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation of this HelmRepository. 
+ type: boolean + timeout: + default: 60s + description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI Repository operations like pulling for an OCI helm repository. Its default value is 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type of the HelmRepository. When this field is set to "oci", the URL field value must be prefixed with "oci://". + enum: + - default + - oci + type: string + url: + description: URL of the Helm repository, a valid URL contains at least a protocol and host. + type: string + required: + - interval - url - type: object - conditions: - description: Conditions holds the conditions for the HelmRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: object + status: + default: + observedGeneration: -1 + description: HelmRepositoryStatus records the observed state of the HelmRepository. + properties: + artifact: + description: Artifact represents the last successful HelmRepository reconciliation. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. 
+ digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. 
- enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastUpdateTime + - path + - revision + - url type: object - type: array - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation of - the HelmRepository object. - format: int64 - type: integer - url: - description: URL is the dynamic fetch link for the latest Artifact. - It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact - data is recommended. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + conditions: + description: Conditions holds the conditions for the HelmRepository. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. 
// Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of the HelmRepository object. + format: int64 + type: integer + url: + description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact data is recommended. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} --- # Source: flux2/templates/source-controller.crds.yaml apiVersion: apiextensions.k8s.io/v1 
@@ -3745,346 +2821,259 @@ spec: listKind: OCIRepositoryList plural: ocirepositories shortNames: - - ocirepo + - ocirepo singular: ocirepository scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .spec.url - name: URL - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta2 - schema: - openAPIV3Schema: - description: OCIRepository is the Schema for the ocirepositories API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: OCIRepositorySpec defines the desired state of OCIRepository - properties: - certSecretRef: - description: "CertSecretRef can be given the name of a secret containing - either or both of \n - a PEM-encoded client certificate (`certFile`) - and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) - \n and whichever are supplied, will be used for connecting to the - registry. The client cert and key are useful if you are authenticating - with a certificate; the CA cert is useful if you are using a self-signed - server certificate." - properties: - name: - description: Name of the referent. 
- type: string - required: - - name - type: object - ignore: - description: Ignore overrides the set of excluded patterns in the - .sourceignore format (which is the same as .gitignore). If not provided, - a default will be used, consult the documentation for your version - to find out what those are. - type: string - insecure: - description: Insecure allows connecting to a non-TLS HTTP container - registry. - type: boolean - interval: - description: The interval at which to check for image updates. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ - type: string - layerSelector: - description: LayerSelector specifies which layer should be extracted - from the OCI artifact. When not specified, the first layer found - in the artifact is selected. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - provider: - default: generic - description: The provider used for authentication, can be 'aws', 'azure', - 'gcp' or 'generic'. When not specified, defaults to 'generic'. - enum: - - generic - - aws - - azure - - gcp - type: string - ref: - description: The OCI reference to pull and monitor for changes, defaults - to the latest tag. - properties: - digest: - description: Digest is the image digest to pull, takes precedence - over SemVer. The value should be in the format 'sha256:'. - type: string - semver: - description: SemVer is the range of tags to pull selecting the - latest within the range, takes precedence over Tag. 
- type: string - tag: - description: Tag is the image tag to pull, defaults to latest. - type: string - type: object - secretRef: - description: SecretRef contains the secret name containing the registry - login credentials to resolve image metadata. The secret must be - of type kubernetes.io/dockerconfigjson. - properties: - name: - description: Name of the referent. - type: string - required: - - name - type: object - serviceAccountName: - description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount - used to authenticate the image pull if the service account has attached - pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' - type: string - suspend: - description: This flag tells the controller to suspend the reconciliation - of this source. - type: boolean - timeout: - default: 60s - description: The timeout for remote OCI Repository operations like - pulling, defaults to 60s. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ - type: string - url: - description: URL is a reference to an OCI artifact repository hosted - on a remote container registry. - pattern: ^oci://.*$ - type: string - verify: - description: Verify contains the secret name containing the trusted - public keys used to verify the signature and specifies which provider - to use to check whether OCI image is authentic. - properties: - provider: - default: cosign - description: Provider specifies the technology used to sign the - OCI Artifact. - enum: - - cosign - type: string - secretRef: - description: SecretRef specifies the Kubernetes Secret containing - the trusted public keys. - properties: - name: - description: Name of the referent. 
- type: string - required: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta2 + schema: + openAPIV3Schema: + description: OCIRepository is the Schema for the ocirepositories API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: OCIRepositorySpec defines the desired state of OCIRepository + properties: + certSecretRef: + description: "CertSecretRef can be given the name of a secret containing either or both of \n - a PEM-encoded client certificate (`certFile`) and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`) \n and whichever are supplied, will be used for connecting to the registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate." + properties: + name: + description: Name of the referent. 
+ type: string + required: - name - type: object - required: - - provider - type: object - required: - - interval - - url - type: object - status: - default: - observedGeneration: -1 - description: OCIRepositoryStatus defines the observed state of OCIRepository - properties: - artifact: - description: Artifact represents the output of the last successful - OCI Repository sync. - properties: - digest: - description: Digest is the digest of the file in the form of ':'. - pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ - type: string - lastUpdateTime: - description: LastUpdateTime is the timestamp corresponding to - the last update of the Artifact. - format: date-time - type: string - metadata: - additionalProperties: + type: object + ignore: + description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are. + type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP container registry. + type: boolean + interval: + description: The interval at which to check for image updates. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + layerSelector: + description: LayerSelector specifies which layer should be extracted from the OCI artifact. When not specified, the first layer found in the artifact is selected. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI Artifact. The first layer matching this type is selected. type: string - description: Metadata holds upstream information such as OCI annotations. - type: object - path: - description: Path is the relative file path of the Artifact. It - can be used to locate the file in the root of the Artifact storage - on the local file system of the controller managing the Source. 
- type: string - revision: - description: Revision is a human-readable identifier traceable - in the origin source system. It can be a Git commit SHA, Git - tag, a Helm chart version, etc. - type: string - size: - description: Size is the number of bytes in the file. - format: int64 - type: integer - url: - description: URL is the HTTP address of the Artifact as exposed - by the controller managing the Source. It can be used to retrieve - the Artifact for consumption, e.g. by another controller applying - the Artifact contents. - type: string - required: - - lastUpdateTime - - path - - revision + operation: + description: Operation specifies how the selected layer should be processed. By default, the layer compressed content is extracted to storage. When the operation is set to 'copy', the layer compressed content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + provider: + default: generic + description: The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'. When not specified, defaults to 'generic'. + enum: + - generic + - aws + - azure + - gcp + type: string + ref: + description: The OCI reference to pull and monitor for changes, defaults to the latest tag. + properties: + digest: + description: Digest is the image digest to pull, takes precedence over SemVer. The value should be in the format 'sha256:'. + type: string + semver: + description: SemVer is the range of tags to pull selecting the latest within the range, takes precedence over Tag. + type: string + tag: + description: Tag is the image tag to pull, defaults to latest. + type: string + type: object + secretRef: + description: SecretRef contains the secret name containing the registry login credentials to resolve image metadata. The secret must be of type kubernetes.io/dockerconfigjson. + properties: + name: + description: Name of the referent. 
+ type: string + required: + - name + type: object + serviceAccountName: + description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate the image pull if the service account has attached pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account' + type: string + suspend: + description: This flag tells the controller to suspend the reconciliation of this source. + type: boolean + timeout: + default: 60s + description: The timeout for remote OCI Repository operations like pulling, defaults to 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL is a reference to an OCI artifact repository hosted on a remote container registry. + pattern: ^oci://.*$ + type: string + verify: + description: Verify contains the secret name containing the trusted public keys used to verify the signature and specifies which provider to use to check whether OCI image is authentic. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + required: + - interval - url - type: object - conditions: - description: Conditions holds the conditions for the OCIRepository. - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. 
// Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + type: object + status: + default: + observedGeneration: -1 + description: OCIRepositoryStatus defines the observed state of OCIRepository + properties: + artifact: + description: Artifact represents the output of the last successful OCI Repository sync. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to the last update of the Artifact. format: date-time type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. 
It can be used to locate the file in the root of the Artifact storage on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable in the origin source system. It can be a Git commit SHA, Git tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. format: int64 - minimum: 0 type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + url: + description: URL is the HTTP address of the Artifact as exposed by the controller managing the Source. It can be used to retrieve the Artifact for consumption, e.g. by another controller applying the Artifact contents. 
type: string required: - - lastTransitionTime - - message - - reason - - status - - type + - lastUpdateTime + - path + - revision + - url type: object - type: array - contentConfigChecksum: - description: "ContentConfigChecksum is a checksum of all the configurations - related to the content of the source artifact: - .spec.ignore - - .spec.layerSelector observed in .status.observedGeneration version - of the object. This can be used to determine if the content configuration - has changed and the artifact needs to be rebuilt. It has the format - of `:`, for example: `sha256:`. \n Deprecated: - Replaced with explicit fields for observed artifact content config - in the status." - type: string - lastHandledReconcileAt: - description: LastHandledReconcileAt holds the value of the most recent - reconcile request value, so a change of the annotation value can - be detected. - type: string - observedGeneration: - description: ObservedGeneration is the last observed generation. - format: int64 - type: integer - observedIgnore: - description: ObservedIgnore is the observed exclusion patterns used - for constructing the source artifact. - type: string - observedLayerSelector: - description: ObservedLayerSelector is the observed layer selector - used for constructing the source artifact. - properties: - mediaType: - description: MediaType specifies the OCI media type of the layer - which should be extracted from the OCI Artifact. The first layer - matching this type is selected. - type: string - operation: - description: Operation specifies how the selected layer should - be processed. By default, the layer compressed content is extracted - to storage. When the operation is set to 'copy', the layer compressed - content is persisted to storage as it is. - enum: - - extract - - copy - type: string - type: object - url: - description: URL is the download link for the artifact output of the - last OCI Repository sync. 
- type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + conditions: + description: Conditions holds the conditions for the OCIRepository. + items: + description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. 
This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + contentConfigChecksum: + description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of the object. This can be used to determine if the content configuration has changed and the artifact needs to be rebuilt. It has the format of `:`, for example: `sha256:`. \n Deprecated: Replaced with explicit fields for observed artifact content config in the status." + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent reconcile request value, so a change of the annotation value can be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used for constructing the source artifact. + type: string + observedLayerSelector: + description: ObservedLayerSelector is the observed layer selector used for constructing the source artifact. 
+ properties: + mediaType: + description: MediaType specifies the OCI media type of the layer which should be extracted from the OCI Artifact. The first layer matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should be processed. By default, the layer compressed content is extracted to storage. When the operation is set to 'copy', the layer compressed content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object + url: + description: URL is the download link for the artifact output of the last OCI Repository sync. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/flux-helm-controllers/service.yaml b/nephio/optional/flux-helm-controllers/service.yaml index c7dd5b3..f04a4e5 100644 --- a/nephio/optional/flux-helm-controllers/service.yaml +++ b/nephio/optional/flux-helm-controllers/service.yaml @@ -11,10 +11,10 @@ metadata: namespace: flux-system spec: ports: - - name: http - port: 80 - protocol: TCP - targetPort: http + - name: http + port: 80 + protocol: TCP + targetPort: http selector: app: source-controller type: ClusterIP diff --git a/nephio/optional/network-config/app/controller/clusterrole-network.yaml b/nephio/optional/network-config/app/controller/clusterrole-network.yaml index 13a76bf..7e4e937 100644 --- a/nephio/optional/network-config/app/controller/clusterrole-network.yaml +++ b/nephio/optional/network-config/app/controller/clusterrole-network.yaml 
@@ -12,27 +12,27 @@ metadata: app.kubernetes.io/version: tbd name: network-config-controller-network-role rules: -- apiGroups: - - config.nephio.org - resources: - - networks - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - config.nephio.org - resources: - - networks/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - config.nephio.org + resources: + - networks + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - config.nephio.org + resources: + - networks/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/optional/network-config/app/controller/clusterrole-target.yaml b/nephio/optional/network-config/app/controller/clusterrole-target.yaml index eacb3e2..ca05b5b 100644 --- a/nephio/optional/network-config/app/controller/clusterrole-target.yaml +++ b/nephio/optional/network-config/app/controller/clusterrole-target.yaml @@ -12,35 +12,35 @@ metadata: app.kubernetes.io/version: tbd name: network-config-controller-target-role rules: -- apiGroups: - - '*' - resources: - - secrets - verbs: - - get - - list - - watch -- apiGroups: - - inv.nephio.org - resources: - - targets - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - inv.nephio.org - resources: - - targets/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - inv.nephio.org + resources: + - targets + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - inv.nephio.org + resources: + - targets/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete 
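Review bot: In `clusterrole-target.yaml`, the first rule of `network-config-controller-target-role` pairs `apiGroups: '*'` with `resources: secrets` and `get`/`list`/`watch`, so the ClusterRoleBinding in `clusterrolebinding-target.yaml` lets the `network-config-controller` service account read every Secret in every namespace. Secrets exist only in the core group, so `- '*'` under `apiGroups` can become `- ""`. If the controller only reads credentials for its targets (not visible here), a namespaced Role and RoleBinding would narrow the grant further. The same wildcard group is used for `configmaps` and `events` in resource-backend's `clusterrole-controller.yaml` and `role-leader-election.yaml` later in this patch, while network-config's own leader-election Role already uses `""`.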
diff --git a/nephio/optional/network-config/app/controller/clusterrolebinding-controller.yaml b/nephio/optional/network-config/app/controller/clusterrolebinding-controller.yaml index 81bb48d..0ed184d 100644 --- a/nephio/optional/network-config/app/controller/clusterrolebinding-controller.yaml +++ b/nephio/optional/network-config/app/controller/clusterrolebinding-controller.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: network-config-controller-controller-role subjects: -- kind: ServiceAccount - name: network-config-controller - namespace: network-config + - kind: ServiceAccount + name: network-config-controller + namespace: network-config diff --git a/nephio/optional/network-config/app/controller/clusterrolebinding-network.yaml b/nephio/optional/network-config/app/controller/clusterrolebinding-network.yaml index 1fe8d5e..54db1c9 100644 --- a/nephio/optional/network-config/app/controller/clusterrolebinding-network.yaml +++ b/nephio/optional/network-config/app/controller/clusterrolebinding-network.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: network-config-controller-network-role subjects: -- kind: ServiceAccount - name: network-config-controller - namespace: network-config + - kind: ServiceAccount + name: network-config-controller + namespace: network-config diff --git a/nephio/optional/network-config/app/controller/clusterrolebinding-target.yaml b/nephio/optional/network-config/app/controller/clusterrolebinding-target.yaml index b6f6393..13ca340 100644 --- a/nephio/optional/network-config/app/controller/clusterrolebinding-target.yaml +++ b/nephio/optional/network-config/app/controller/clusterrolebinding-target.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: network-config-controller-target-role subjects: -- kind: ServiceAccount - name: network-config-controller - namespace: network-config + - kind: ServiceAccount + name: network-config-controller + namespace: network-config 
diff --git a/nephio/optional/network-config/app/controller/deployment-controller.yaml b/nephio/optional/network-config/app/controller/deployment-controller.yaml index 0a0ab03..675a7f1 100644 --- a/nephio/optional/network-config/app/controller/deployment-controller.yaml +++ b/nephio/optional/network-config/app/controller/deployment-controller.yaml 
@@ -26,78 +26,78 @@ spec: namespace: network-config spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: ENABLE_TARGETS - value: "true" - - name: ENABLE_NETWORKCONFIGS - value: "true" - image: docker.io/nephio/network-config-operator:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + 
fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: ENABLE_TARGETS + value: "true" + - name: ENABLE_NETWORKCONFIGS + value: "true" + image: docker.io/nephio/network-config-operator:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: network-config-controller status: {} diff --git a/nephio/optional/network-config/app/controller/role-leader-election.yaml b/nephio/optional/network-config/app/controller/role-leader-election.yaml index 49bd59b..1ab6cef 100644 --- a/nephio/optional/network-config/app/controller/role-leader-election.yaml +++ b/nephio/optional/network-config/app/controller/role-leader-election.yaml 
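Review bot: The `kube-rbac-proxy` sidecar in network-config's `deployment-controller.yaml` runs with `--v=10`, a debug verbosity, on the container that terminates authenticated traffic on port 8443. At that level the proxy's Kubernetes client logs request and response detail for its authentication and authorization calls, which may put credential material into pod logs (worth confirming for this proxy version); a shipped manifest would normally use `--v=0`. The sidecar also has `resources: {}` and no `securityContext`, unlike the `controller` container, which sets `allowPrivilegeEscalation: false` and drops all capabilities. The same args and image appear in resource-backend's `deployment-controller.yaml` later in this patch. The pod template that encloses `containers:` begins outside the hunk.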
@@ -13,34 +13,34 @@ metadata: name: network-config-controller-leader-election-role namespace: network-config rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/nephio/optional/network-config/app/controller/rolebinding-leader-election.yaml b/nephio/optional/network-config/app/controller/rolebinding-leader-election.yaml index 893a076..c76fd1a 100644 --- a/nephio/optional/network-config/app/controller/rolebinding-leader-election.yaml +++ b/nephio/optional/network-config/app/controller/rolebinding-leader-election.yaml @@ -17,6 +17,6 @@ roleRef: kind: Role name: network-config-controller-leader-election-role subjects: -- kind: ServiceAccount - name: network-config-controller - namespace: network-config + - kind: ServiceAccount + name: network-config-controller + namespace: network-config diff --git a/nephio/optional/resource-backend/app/controller/clusterrole-controller.yaml b/nephio/optional/resource-backend/app/controller/clusterrole-controller.yaml index 8432be7..83cd666 100644 --- a/nephio/optional/resource-backend/app/controller/clusterrole-controller.yaml +++ b/nephio/optional/resource-backend/app/controller/clusterrole-controller.yaml 
@@ -12,82 +12,82 @@ metadata: app.kubernetes.io/version: tbd name: resource-backend-controller-controller-role rules: -- apiGroups: - - '*' - resources: - - events - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - inv.nephio.org - resources: - - endpoints - - endpoints/status - - links - - links/status - - nodes - - nodes/status - - targets - - targets/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - ipam.resource.nephio.org - resources: - - ipclaims - - ipclaims/status - - ipprefixes - - ipprefixes/status - - networkinstances - - networkinstances/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - topo.nephio.org - resources: - - rawtopologies - - rawtopologies/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - vlan.resource.nephio.org - resources: - - vlanclaims - - vlanclaims/status - - vlanindices - - vlanindices/status - - vlans - - vlans/status - verbs: - - get - - list - - watch - - update - - patch - - create - - delete + - apiGroups: + - '*' + resources: + - events + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - inv.nephio.org + resources: + - endpoints + - endpoints/status + - links + - links/status + - nodes + - nodes/status + - targets + - targets/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - ipam.resource.nephio.org + resources: + - ipclaims + - ipclaims/status + - ipprefixes + - ipprefixes/status + - networkinstances + - networkinstances/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - topo.nephio.org + resources: + - rawtopologies + - rawtopologies/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - 
vlan.resource.nephio.org + resources: + - vlanclaims + - vlanclaims/status + - vlanindices + - vlanindices/status + - vlans + - vlans/status + verbs: + - get + - list + - watch + - update + - patch + - create + - delete diff --git a/nephio/optional/resource-backend/app/controller/clusterrolebinding-controller.yaml b/nephio/optional/resource-backend/app/controller/clusterrolebinding-controller.yaml index 39c7bc0..69a7f74 100644 --- a/nephio/optional/resource-backend/app/controller/clusterrolebinding-controller.yaml +++ b/nephio/optional/resource-backend/app/controller/clusterrolebinding-controller.yaml @@ -16,6 +16,6 @@ roleRef: kind: ClusterRole name: resource-backend-controller-controller-role subjects: -- kind: ServiceAccount - name: resource-backend-controller - namespace: backend-system + - kind: ServiceAccount + name: resource-backend-controller + namespace: backend-system diff --git a/nephio/optional/resource-backend/app/controller/deployment-controller.yaml b/nephio/optional/resource-backend/app/controller/deployment-controller.yaml index a94c603..fe76e7b 100644 --- a/nephio/optional/resource-backend/app/controller/deployment-controller.yaml +++ b/nephio/optional/resource-backend/app/controller/deployment-controller.yaml 
@@ -28,90 +28,90 @@ spec: namespace: backend-system spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: NODE_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: RESOURCE_BACKEND - value: 127.0.0.1:9999 - - name: ENABLE_IPCLAIM - value: "true" - - name: ENABLE_NETWORKINSTANCE - value: "true" - - name: ENABLE_IPPREFIX - value: "true" - - name: ENABLE_VLANCLAIM - value: "true" - - name: ENABLE_VLANINDEX - value: "true" - - name: ENABLE_VLAN - value: "true" - - name: ENABLE_RAWTOPOLOGIES - value: "true" - image: docker.io/nephio/resource-backend-controller:v2.0.0 - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: controller - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - 
args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: NODE_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + - name: RESOURCE_BACKEND + value: 127.0.0.1:9999 + - name: ENABLE_IPCLAIM + value: "true" + - name: ENABLE_NETWORKINSTANCE + value: "true" + - name: ENABLE_IPPREFIX + value: "true" + - name: ENABLE_VLANCLAIM + value: "true" + - name: ENABLE_VLANINDEX + value: "true" + - name: ENABLE_VLAN + value: "true" + - name: ENABLE_RAWTOPOLOGIES + value: "true" + image: docker.io/nephio/resource-backend-controller:v2.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL serviceAccountName: resource-backend-controller status: {} diff --git a/nephio/optional/resource-backend/app/controller/grpc/service-grpc.yaml b/nephio/optional/resource-backend/app/controller/grpc/service-grpc.yaml index c3b27b2..4584ab0 100644 --- a/nephio/optional/resource-backend/app/controller/grpc/service-grpc.yaml +++ b/nephio/optional/resource-backend/app/controller/grpc/service-grpc.yaml 
@@ -15,9 +15,9 @@ metadata: namespace: backend-system spec: ports: - - name: grpc - port: 9999 - protocol: TCP - targetPort: 9999 + - name: grpc + port: 9999 + protocol: TCP + targetPort: 9999 selector: fn.kptgen.dev/grpc: resource-backend-controller diff --git a/nephio/optional/resource-backend/app/controller/role-leader-election.yaml b/nephio/optional/resource-backend/app/controller/role-leader-election.yaml index 43b2d19..ac46d4c 100644 --- a/nephio/optional/resource-backend/app/controller/role-leader-election.yaml +++ b/nephio/optional/resource-backend/app/controller/role-leader-election.yaml @@ -13,34 +13,34 @@ metadata: name: resource-backend-controller-leader-election-role namespace: backend-system rules: -- apiGroups: - - '*' - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - '*' - resources: - - events - verbs: - - create - - patch + - apiGroups: + - '*' + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - '*' + resources: + - events + verbs: + - create + - patch diff --git a/nephio/optional/resource-backend/app/controller/rolebinding-leader-election.yaml b/nephio/optional/resource-backend/app/controller/rolebinding-leader-election.yaml index e846ad3..3c02bb3 100644 --- a/nephio/optional/resource-backend/app/controller/rolebinding-leader-election.yaml +++ b/nephio/optional/resource-backend/app/controller/rolebinding-leader-election.yaml 
@@ -17,6 +17,6 @@ roleRef: kind: Role name: resource-backend-controller-leader-election-role subjects: -- kind: ServiceAccount - name: resource-backend-controller - namespace: backend-system + - kind: ServiceAccount + name: resource-backend-controller + namespace: backend-system diff --git a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml index fc23303..b7cb438 100644 --- a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml +++ b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_endpoints.yaml 
@@ -9,135 +9,135 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Endpoint listKind: EndpointList plural: endpoints singular: endpoint scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Endpoint is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: EndpointSpec defines the desired state of Endpoint - properties: - interfaceName: - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Endpoint is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EndpointSpec defines the desired state of Endpoint + properties: + interfaceName: type: string - description: Labels as user defined labels - type: object - lacpFallback: - description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - multiHoming: - description: MultiHoming defines if the endpoint is multi-homed - type: boolean - multiHomingName: - description: MultiHomingName defines the name of the multi-homing - type: string - nodeName: - type: string - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. + labels: + additionalProperties: type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. - type: string - required: - - interfaceName - - nodeName - - provider - type: object - status: - description: EndpointStatus defines the observed state of Endpoint - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + lacpFallback: + description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + multiHoming: + description: MultiHoming defines if the endpoint is multi-homed + type: boolean + multiHomingName: + description: MultiHomingName defines the name of the multi-homing + type: string + nodeName: + type: string + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - interfaceName + - nodeName + - provider + type: object + status: + description: EndpointStatus defines the observed state of Endpoint + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
+ format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_links.yaml b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_links.yaml
index 7feaf18..610b57a 100644
--- a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_links.yaml
+++ b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_links.yaml
@@ -9,141 +9,141 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Link listKind: LinkList plural: links singular: link scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Link is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: LinkSpec defines the desired state of Link - properties: - endpoints: - description: Endpoints define the node + interface endpoints associated with this link - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Link is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. 
Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: LinkSpec defines the desired state of Link + properties: + endpoints: + description: Endpoints define the node + interface endpoints associated with this link + items: + properties: + interfaceName: + type: string + nodeName: + type: string + required: + - interfaceName + - nodeName + type: object + maxItems: 2 + minItems: 2 + type: array + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacp: + description: Lacp defines if the lag enabled LACP + type: boolean + lag: + description: lag defines if the link is a lag mutually exclusive with LagMember parameter + type: boolean + lagMember: + description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - interfaceName: + apiVersion: + description: API version of the referent. type: string - nodeName: + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' 
type: string - required: - - interfaceName - - nodeName - type: object - maxItems: 2 - minItems: 2 - type: array - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacp: - description: Lacp defines if the lag enabled LACP - type: boolean - lag: - description: lag defines if the link is a lag mutually exclusive with LagMember parameter - type: boolean - lagMember: - description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - endpoints - type: object - status: - description: LinkStatus defines the observed state of Link - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
- format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + required: + - endpoints + type: object + status: + description: LinkStatus defines the observed state of Link + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_nodes.yaml b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_nodes.yaml index f2c3897..901cb38 100644 --- a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_nodes.yaml +++ b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_nodes.yaml 
@@ -9,130 +9,130 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Node listKind: NodeList plural: nodes singular: node scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Node is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NodeSpec defines the desired state of Node - properties: - address: - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Node is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. 
Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NodeSpec defines the desired state of Node + properties: + address: type: string - description: Labels as user defined labels - type: object - location: - description: Location provider the location information where this resource is located - properties: - latitude: + labels: + additionalProperties: type: string - longitude: - type: string - type: object - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. - type: string - required: - - provider - type: object - status: - description: NodeStatus defines the observed state of Node - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + location: + description: Location provider the location information where this resource is located + properties: + latitude: + type: string + longitude: + type: string + type: object + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - provider + type: object + status: + description: NodeStatus defines the observed state of Node + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_targets.yaml b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_targets.yaml index e558a6b..76fc713 100644 --- a/nephio/optional/resource-backend/crd/bases/inv.nephio.org_targets.yaml 
+++ b/nephio/optional/resource-backend/crd/bases/inv.nephio.org_targets.yaml 
@@ -9,141 +9,141 @@ spec: group: inv.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: Target listKind: TargetList plural: targets singular: target scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: Target is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TargetSpec defines the desired state of Target - properties: - address: - type: string - encoding: - enum: - - unknown - - JSON - - JSON_IETF - - bytes - - protobuf - - ASCII - type: string - insecure: - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the target. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - protocol: - enum: - - unknown - - gnmi - - netconf - type: string - provider: - description: Provider specifies the provider using this target. - type: string - secretName: - type: string - skipVerify: - type: boolean - tlsSecretName: - type: string - required: - - provider - - secretName - type: object - status: - description: TargetStatus defines the observed state of Target - properties: - conditions: - description: Conditions of the resource. 
- items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Target is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TargetSpec defines the desired state of Target + properties: + address: + type: string + encoding: + enum: + - unknown + - JSON + - JSON_IETF + - bytes + - protobuf + - ASCII + type: string + insecure: + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the target. properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. 
- maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + protocol: + enum: + - unknown + - gnmi + - netconf + type: string + provider: + description: Provider specifies the provider using this target. + type: string + secretName: + type: string + skipVerify: + type: boolean + tlsSecretName: + type: string + required: + - provider + - secretName + type: object + status: + description: TargetStatus defines the observed state of Target + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. 
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} 
diff --git a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml index 2fdc13a..ccd30d7 100644 --- a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml +++ b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipclaims.yaml 
@@ -9,214 +9,214 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: IPClaim listKind: IPClaimList plural: ipclaims singular: ipclaim scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.networkInstance.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.kind - name: KIND - type: string - - jsonPath: .spec.addressFamily - name: AF - type: string - - jsonPath: .spec.prefixLength - name: PREFIXLENGTH - type: string - - jsonPath: .spec.prefix - name: PREFIX-REQ - type: string - - jsonPath: .status.prefix - name: PREFIX-ALLOC - type: string - - jsonPath: .status.gateway - name: GATEWAY - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPClaim is the Schema for the ipclaim API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPClaimSpec defines the desired state of IPClaim - properties: - addressFamily: - description: AddressFamily defines the address family for the IP claim - enum: - - ipv4 - - ipv6 - type: string - createPrefix: - description: CreatePrefix defines if this prefix must be created. Only used for non address prefixes e.g. non /32 ipv4 and non /128 ipv6 prefixes - type: boolean - index: - description: Index defines the index of the IP Claim, used to get a deterministic IP from a prefix If not present we claim a random prefix from a prefix - format: int32 - type: integer - kind: - default: network - description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix - enum: - - network - - loopback - - pool - - aggregate - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.networkInstance.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.kind + name: KIND + type: string + - jsonPath: .spec.addressFamily + name: AF + type: string + - jsonPath: .spec.prefixLength + name: PREFIXLENGTH + type: string + - jsonPath: .spec.prefix + name: PREFIX-REQ + type: string + - jsonPath: .status.prefix + name: PREFIX-ALLOC + type: string + - jsonPath: .status.gateway + name: GATEWAY + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPClaim is the Schema for the ipclaim API + 
properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPClaimSpec defines the desired state of IPClaim + properties: + addressFamily: + description: AddressFamily defines the address family for the IP claim + enum: + - ipv4 + - ipv6 type: string - description: Labels as user defined labels - type: object - networkInstance: - description: NetworkInstance defines the networkInstance context for the IP claim Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + createPrefix: + description: CreatePrefix defines if this prefix must be created. Only used for non address prefixes e.g. non /32 ipv4 and non /128 ipv6 prefixes + type: boolean + index: + description: Index defines the index of the IP Claim, used to get a deterministic IP from a prefix If not present we claim a random prefix from a prefix + format: int32 + type: integer + kind: + default: network + description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix + enum: + - network + - loopback + - pool + - aggregate + type: string + labels: + additionalProperties: type: string - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix defines the prefix for the IP claim Used for specific prefix claim or used as a hint for a dynamic prefix claim in case of restart - pattern: 
(([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - prefixLength: - description: PrefixLength defines the prefix length for the IP Claim If not present we use assume /32 for ipv4 and /128 for ipv6 - type: integer - selector: - description: Selector defines the selector criterias for the VLAN claim - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. 
- type: object - type: object - x-kubernetes-map-type: atomic - required: - - kind - - networkInstance - type: object - status: - description: IPClaimStatus defines the observed state of IPClaim - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + networkInstance: + description: NetworkInstance defines the networkInstance context for the IP claim Name and optionally Namespace is used here properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix defines the prefix for the IP claim Used for specific prefix claim or used as a hint for a dynamic prefix claim in case of restart + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + prefixLength: + description: PrefixLength defines the prefix length for the IP Claim If not present we use assume /32 for ipv4 and /128 for ipv6 + type: integer + selector: + description: Selector defines the selector criterias for the VLAN claim + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. 
+ items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object type: object - type: array - expiryTime: - description: ExpiryTime defines when the claim expires - type: string - gateway: - description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network - type: string - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + required: + - kind + - networkInstance + type: object + status: + description: IPClaimStatus defines the observed state of IPClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. 
+ format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime defines when the claim expires + type: string + gateway: + description: Gateway defines the gateway IP for the claimed prefix Gateway is only relevant for prefix kind = network + type: string + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml index a01deca..e5fe6fe 100644 --- a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml 
+++ b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_ipprefixes.yaml 
@@ -9,156 +9,156 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: IPPrefix listKind: IPPrefixList plural: ipprefixes singular: ipprefix scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.networkInstance.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.kind - name: KIND - type: string - - jsonPath: .spec.subnetName - name: SUBNET - type: string - - jsonPath: .spec.prefix - name: PREFIX-REQ - type: string - - jsonPath: .status.prefix - name: PREFIX-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: IPPrefix is the Schema for the ipprefixes API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IPPrefixSpec defines the desired state of IPPrefix - properties: - kind: - default: network - description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix - enum: - - network - - loopback - - pool - - aggregate - type: string - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.networkInstance.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.kind + name: KIND + type: string + - jsonPath: .spec.subnetName + name: SUBNET + type: string + - jsonPath: .spec.prefix + name: PREFIX-REQ + type: string + - jsonPath: .status.prefix + name: PREFIX-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPPrefix is the Schema for the ipprefixes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPPrefixSpec defines the desired state of IPPrefix + properties: + kind: + default: network + description: Kind defines the kind of prefix for the IP Claim - network kind is used for physical, virtual nics on a device - loopback kind is used for loopback interfaces - pool kind is used for pools for dhcp/radius/bng/upf/etc - aggregate kind is used for claiming an aggregate prefix + enum: + - network + - loopback + - pool + - aggregate type: string - description: Labels as user defined labels - type: object - networkInstance: - description: NetworkInstance defines the networkInstance context for the IP prefix Name and optionally Namespace is used here - properties: - apiVersion: - description: API version of the referent. + labels: + additionalProperties: type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - prefix: - description: Prefix defines the ip cidr in prefix or address notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - kind - - networkInstance - - prefix - type: object - status: - description: IPPrefixStatus defines the observed state of IPPrefix - properties: - conditions: - description: Conditions of the resource. - items: + description: Labels as user defined labels + type: object + networkInstance: + description: NetworkInstance defines the networkInstance context for the IP prefix Name and optionally Namespace is used here properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
- maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - prefix: - description: Prefix defines the prefix, claimed through the IPAM backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + prefix: + description: Prefix defines the ip cidr in prefix or address notation. 
+ pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - kind + - networkInstance + - prefix + type: object + status: + description: IPPrefixStatus defines the observed state of IPPrefix + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. 
+ enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + prefix: + description: Prefix defines the prefix, claimed through the IPAM backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml index aa97ad9..637333a 100644 --- a/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml +++ b/nephio/optional/resource-backend/crd/bases/ipam.resource.nephio.org_networkinstances.yaml 
@@ -9,144 +9,144 @@ spec: group: ipam.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: NetworkInstance listKind: NetworkInstanceList plural: networkinstances singular: networkinstance scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .metadata.name - name: NETWORK-INSTANCE - type: string - - jsonPath: .spec.prefixes[0].prefix - name: PREFIX0 - type: string - - jsonPath: .spec.prefixes[1].prefix - name: PREFIX1 - type: string - - jsonPath: .spec.prefixes[2].prefix - name: PREFIX2 - type: string - - jsonPath: .spec.prefixes[3].prefix - name: PREFIX3 - type: string - - jsonPath: .spec.prefixes[4].prefix - name: PREFIX4 - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: NetworkInstance is the Schema for the networkinstances API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NetworkInstanceSpec defines the desired state of NetworkInstance - properties: - prefixes: - description: Prefixes define the aggregate prefixes for the network instance A Network instance needs at least 1 prefix to be defined to become operational - items: - properties: - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .metadata.name + name: NETWORK-INSTANCE + type: string + - jsonPath: .spec.prefixes[0].prefix + name: PREFIX0 + type: string + - jsonPath: .spec.prefixes[1].prefix + name: PREFIX1 + type: string + - jsonPath: .spec.prefixes[2].prefix + name: PREFIX2 + type: string + - jsonPath: .spec.prefixes[3].prefix + name: PREFIX3 + type: string + - jsonPath: .spec.prefixes[4].prefix + name: PREFIX4 + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkInstance is the Schema for the networkinstances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NetworkInstanceSpec defines the desired state of NetworkInstance + properties: + prefixes: + description: Prefixes define the aggregate prefixes for the network instance A Network instance needs at least 1 prefix to be defined to become operational + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. + pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - required: - - prefixes - type: object - status: - description: NetworkInstanceStatus defines the observed state of NetworkInstance - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. 
If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - prefixes: - description: Prefixes defines the prefixes, claimed through the IPAM backend - items: - properties: - labels: - additionalProperties: + required: + - prefix + type: object + type: array + required: + - prefixes + type: object + status: + description: NetworkInstanceStatus defines the observed state of NetworkInstance + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time type: string - description: Labels as user defined labels - type: object - prefix: - description: Prefix defines the ip cidr in prefix notation. - pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) - type: string - required: - - prefix - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. 
+ maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + prefixes: + description: Prefixes defines the prefixes, claimed through the IPAM backend + items: + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + prefix: + description: Prefix defines the ip cidr in prefix notation. 
+ pattern: (([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/(([0-9])|([1-2][0-9])|(3[0-2]))|((:|[0-9a-fA-F]{0,4}):)([0-9a-fA-F]{0,4}:){0,5}((([0-9a-fA-F]{0,4}:)?(:|[0-9a-fA-F]{0,4}))|(((25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9]?[0-9])))(/(([0-9])|([0-9]{2})|(1[0-1][0-9])|(12[0-8]))) + type: string + required: + - prefix + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml b/nephio/optional/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml index e3613db..4d79c02 100644 --- a/nephio/optional/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml +++ b/nephio/optional/resource-backend/crd/bases/topo.nephio.org_rawtopologies.yaml 
@@ -9,225 +9,225 @@ spec: group: topo.nephio.org names: categories: - - nephio - - inv + - nephio + - inv kind: RawTopology listKind: RawTopologyList plural: rawtopologies singular: rawtopology scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: READY - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: RawTopology is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: RawTopologySpec defines the desired state of RawTopology - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - links: - items: - properties: - endpoints: - items: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: RawTopology is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: RawTopologySpec defines the desired state of RawTopology + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + links: + items: + properties: + endpoints: + items: + properties: + interfaceName: + type: string + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacpFallback: + description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + multiHoming: + description: MultiHoming defines if the endpoint is multi-homed + type: boolean + multiHomingName: + description: MultiHomingName defines the name of the multi-homing + type: string + nodeName: + type: string + required: + - interfaceName + - nodeName + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + lacp: + description: Lacp defines if the lag enabled LACP + type: boolean + lag: + description: lag defines if the link is a lag mutually exclusive with LagMember parameter + type: boolean + lagMember: + description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter + type: boolean + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. properties: - interfaceName: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacpFallback: - description: LacpFallback defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - multiHoming: - description: MultiHoming defines if the endpoint is multi-homed - type: boolean - multiHomingName: - description: MultiHomingName defines the name of the multi-homing - type: string - nodeName: - type: string - required: - - interfaceName - - nodeName type: object - type: array - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - lacp: - description: Lacp defines if the lag enabled LACP - type: boolean - lag: - description: lag defines if the link is a lag mutually exclusive with LagMember parameter - type: boolean - lagMember: - description: LagMember defines if the link is part of a lag mutually exclusive with Lag parameter - type: boolean - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' 
- type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - required: - - endpoints - type: object - type: array - location: - description: Location provider the location information where this resource is located - properties: - latitude: - type: string - longitude: - type: string - type: object - nodes: - additionalProperties: + x-kubernetes-map-type: atomic + required: + - endpoints + type: object + type: array + location: + description: Location provider the location information where this resource is located properties: - address: + latitude: type: string - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - location: - description: Location provider the location information where this resource is located - properties: - latitude: - type: string - longitude: - type: string - type: object - parametersRef: - description: ParametersRef points to the vendor or implementation specific params for the network. - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - provider: - description: Provider specifies the provider implementing this network. 
+ longitude: type: string - required: - - provider type: object - description: Defaults *NodeProperties `json:"defaults,omitempty" yaml:"defaults,omitempty"` Kinds map[string]NodeProperties `json:"kinds,omitempty" yaml:"kinds,omitempty"` - type: object - required: - - links - - nodes - type: object - status: - description: RawTopologyStatus defines the observed state of RawTopology - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. 
--- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + nodes: + additionalProperties: + properties: + address: + type: string + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + location: + description: Location provider the location information where this resource is located + properties: + latitude: + type: string + longitude: + type: string + type: object + parametersRef: + description: ParametersRef points to the vendor or implementation specific params for the network. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + provider: + description: Provider specifies the provider implementing this network. + type: string + required: + - provider + type: object + description: Defaults *NodeProperties `json:"defaults,omitempty" yaml:"defaults,omitempty"` Kinds map[string]NodeProperties `json:"kinds,omitempty" yaml:"kinds,omitempty"` type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + required: + - links + - nodes + type: object + status: + description: RawTopologyStatus defines the observed state of RawTopology + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. 
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml index a797400..c38a712 100644 --- a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml +++ b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanclaims.yaml 
@@ -9,175 +9,175 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLANClaim listKind: VLANClaimList plural: vlanclaims singular: vlanclaim scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.vlanID - name: VLAN-REQ - type: string - - jsonPath: .status.vlanID - name: VLAN-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLANClaim is the Schema for the vlan claim API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANClaimSpec defines the desired state of VLANClaim - properties: - labels: - additionalProperties: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.vlanID + name: VLAN-REQ + type: string + - jsonPath: .status.vlanID + name: VLAN-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLANClaim is the Schema for the vlan claim API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANClaimSpec defines the desired state of VLANClaim + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels + type: object + range: + description: VLANRange defines the vlan range for the VLAN claim type: string - description: Labels as user defined labels - type: object - range: - description: VLANRange defines the vlan range for the VLAN claim - type: string - selector: - description: Selector defines the selector criterias for the VLAN claim - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: + selector: + description: Selector defines the selector criterias for the VLAN claim + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. 
type: string - type: array - required: - - key - - operator + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - vlanDatabase: - description: VLANIndex defines the vlan index for the VLAN Claim - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). 
This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - vlanID: - description: VLANID defines the vlan for the VLAN claim - type: integer - required: - - vlanDatabase - type: object - status: - description: VLANClaimStatus defines the observed state of VLANClaim - properties: - conditions: - description: Conditions of the resource. - items: + type: object + x-kubernetes-map-type: atomic + vlanDatabase: + description: VLANIndex defines the vlan index for the VLAN Claim properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - expiryTime: - description: ExpiryTime indicated when the claim expires - type: string - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through the VLAN backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + vlanID: + description: VLANID defines the vlan for the VLAN claim + type: integer + required: + - vlanDatabase + type: object + status: + description: VLANClaimStatus defines the observed state of VLANClaim + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + expiryTime: + description: ExpiryTime indicated when the claim expires + type: string + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml index 0dcc247..1f27816 100644 --- a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml +++ b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlanindices.yaml 
@@ -9,95 +9,95 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLANIndex listKind: VLANIndexList plural: vlanindices singular: vlanindex scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLANIndex is the Schema for the vlan database API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANIndexSpec defines the desired state of VLANDatabase - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - type: object - status: - description: VLANIndexStatus defines the observed state of VLANDatabase - properties: - conditions: - description: Conditions of the resource. - items: - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. 
- format: date-time - type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLANIndex is the Schema for the vlan database API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANIndexSpec defines the desired state of VLANDatabase + properties: + labels: + additionalProperties: + type: string + description: Labels as user defined labels type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: object + status: + description: VLANIndexStatus defines the observed state of VLANDatabase + properties: + conditions: + description: Conditions of the resource. 
+ items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. 
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml index 5ee4aeb..999e7e4 100644 --- a/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml +++ b/nephio/optional/resource-backend/crd/bases/vlan.resource.nephio.org_vlans.yaml 
@@ -9,141 +9,141 @@ spec: group: vlan.resource.nephio.org names: categories: - - nephio - - resource + - nephio + - resource kind: VLAN listKind: VLANList plural: vlans singular: vlan scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=='Synced')].status - name: SYNC - type: string - - jsonPath: .status.conditions[?(@.type=='Ready')].status - name: STATUS - type: string - - jsonPath: .spec.vlanID - name: VLAN-REQ - type: string - - jsonPath: .status.vlanID - name: VLAN-ALLOC - type: string - - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: VLAN is the Schema for the vlan API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: VLANSpec defines the desired state of VLAN - properties: - labels: - additionalProperties: - type: string - description: Labels as user defined labels - type: object - range: - description: VLANRange defines a range of vlans - type: string - vlanDatabase: - description: VLANIndex defines the vlan index for the VLAN claim - properties: - apiVersion: - description: API version of the referent. 
- type: string - fieldPath: - description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNC + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: STATUS + type: string + - jsonPath: .spec.vlanID + name: VLAN-REQ + type: string + - jsonPath: .status.vlanID + name: VLAN-ALLOC + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: VLAN is the Schema for the vlan API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: VLANSpec defines the desired state of VLAN + properties: + labels: + additionalProperties: type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - x-kubernetes-map-type: atomic - vlanID: - description: VLANID defines the VLAN ID - type: integer - required: - - vlanDatabase - type: object - status: - description: VLANStatus defines the observed state of VLAN - properties: - conditions: - description: Conditions of the resource. 
- items: + description: Labels as user defined labels + type: object + range: + description: VLANRange defines a range of vlans + type: string + vlanDatabase: + description: VLANIndex defines the vlan index for the VLAN claim properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time + apiVersion: + description: API version of the referent. type: string - message: - description: message is a human readable message indicating details about the transition. This may be an empty string. - maxLength: 32768 + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.' type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating the reason for the condition's last transition. 
Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string - required: - - lastTransitionTime - - message - - reason - - status - - type type: object - type: array - vlanID: - description: VLANID defines the vlan ID, claimed through the VLAN backend - type: integer - vlanRange: - description: VLANRange defines the vlan range, claimed through the VLAN backend - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + x-kubernetes-map-type: atomic + vlanID: + description: VLANID defines the VLAN ID + type: integer + required: + - vlanDatabase + type: object + status: + description: VLANStatus defines the observed state of VLAN + properties: + conditions: + description: Conditions of the resource. + items: + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + vlanID: + description: VLANID defines the vlan ID, claimed through the VLAN backend + type: integer + vlanRange: + description: VLANRange defines the vlan range, claimed through the VLAN backend + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/nephio/optional/rootsync/rootsync.yaml b/nephio/optional/rootsync/rootsync.yaml index c3495fd..1225415 100644 --- a/nephio/optional/rootsync/rootsync.yaml +++ b/nephio/optional/rootsync/rootsync.yaml @@ -1,6 +1,6 @@ apiVersion: configsync.gke.io/v1beta1 kind: RootSync -metadata: +metadata: name: example-cluster-name namespace: config-management-system spec: diff --git a/nephio/optional/webui/cluster-role-binding.yaml b/nephio/optional/webui/cluster-role-binding.yaml index 42c718c..71a1e4f 100644 --- a/nephio/optional/webui/cluster-role-binding.yaml +++ b/nephio/optional/webui/cluster-role-binding.yaml 
@@ -3,9 +3,9 @@ kind: ClusterRoleBinding metadata: name: nephio-webui subjects: -- kind: ServiceAccount - name: nephio-webui-sa - namespace: nephio-webui + - kind: ServiceAccount + name: nephio-webui-sa + namespace: nephio-webui roleRef: kind: ClusterRole name: cluster-admin diff --git a/nephio/optional/webui/deployment.yaml b/nephio/optional/webui/deployment.yaml index 3bd5ce9..d567aee 100644 --- a/nephio/optional/webui/deployment.yaml +++ b/nephio/optional/webui/deployment.yaml @@ -16,28 +16,28 @@ spec: serviceAccountName: nephio-webui-sa terminationGracePeriodSeconds: 10 containers: - - name: main - image: nephio/kpt-backstage-plugins:v2.0.0 - imagePullPolicy: IfNotPresent - args: - - --config - - /etc/config/app-config.nephio.yaml - ports: - - name: http - containerPort: 7007 - volumeMounts: - - name: config-volume - mountPath: /etc/config - readinessProbe: - httpGet: - path: / - port: 7007 - env: - - name: AUTH_PROVIDER - value: current-context - - name: AUTH_OIDC_TOKEN_PROVIDER - value: okta + - name: main + image: nephio/kpt-backstage-plugins:v2.0.0 + imagePullPolicy: IfNotPresent + args: + - --config + - /etc/config/app-config.nephio.yaml + ports: + - name: http + containerPort: 7007 + volumeMounts: + - name: config-volume + mountPath: /etc/config + readinessProbe: + httpGet: + path: / + port: 7007 + env: + - name: AUTH_PROVIDER + value: current-context + - name: AUTH_OIDC_TOKEN_PROVIDER + value: okta volumes: - - name: config-volume - configMap: - name: nephio-webui-config + - name: config-volume + configMap: + name: nephio-webui-config diff --git a/nephio/optional/webui/gen-configmap.yaml b/nephio/optional/webui/gen-configmap.yaml index 800e75b..c2b5771 100644 --- a/nephio/optional/webui/gen-configmap.yaml +++ b/nephio/optional/webui/gen-configmap.yaml 
@@ -14,66 +14,66 @@ params: resourcesNamespace: default authProvider: oidc data: -- type: gotmpl - key: app-config.nephio.yaml - value: | - app: - baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} + - type: gotmpl + key: app-config.nephio.yaml + value: | + app: + baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} - # Backstage backend configuration - backend: - # Note that the baseUrl should be the URL that the browser and other clients - # should use when communicating with the backend, i.e. it needs to be - # reachable not just from within the backend host, but from all of your - # callers. When its value is "http://localhost:7007", it's strictly private - # and can't be reached by others. - baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} + # Backstage backend configuration + backend: + # Note that the baseUrl should be the URL that the browser and other clients + # should use when communicating with the backend, i.e. it needs to be + # reachable not just from within the backend host, but from all of your + # callers. When its value is "http://localhost:7007", it's strictly private + # and can't be reached by others. 
+ baseUrl: {{.scheme}}://{{.hostname}}:{{.port}} - listen: - port: {{.port}} + listen: + port: {{.port}} - # Content Security Policy - csp: - # Allows images to be pulled from GitHub and Nephio - img-src: ["'self'", 'data:', 'https://raw.githubusercontent.com'] - upgrade-insecure-requests: false + # Content Security Policy + csp: + # Allows images to be pulled from GitHub and Nephio + img-src: ["'self'", 'data:', 'https://raw.githubusercontent.com'] + upgrade-insecure-requests: false - auth: - # see https://backstage.io/docs/auth/ to learn about auth providers - providers: - google: - development: - clientId: ${AUTH_GOOGLE_CLIENT_ID} - clientSecret: ${AUTH_GOOGLE_CLIENT_SECRET} - okta: - development: - clientId: ${AUTH_OKTA_CLIENT_ID} - clientSecret: ${AUTH_OKTA_CLIENT_SECRET} - audience: ${AUTH_OKTA_AUDIENCE} - authServerId: ${AUTH_OKTA_AUTH_SERVER_ID} - idp: ${AUTH_OKTA_IDP} + auth: + # see https://backstage.io/docs/auth/ to learn about auth providers + providers: + google: + development: + clientId: ${AUTH_GOOGLE_CLIENT_ID} + clientSecret: ${AUTH_GOOGLE_CLIENT_SECRET} + okta: + development: + clientId: ${AUTH_OKTA_CLIENT_ID} + clientSecret: ${AUTH_OKTA_CLIENT_SECRET} + audience: ${AUTH_OKTA_AUDIENCE} + authServerId: ${AUTH_OKTA_AUTH_SERVER_ID} + idp: ${AUTH_OKTA_IDP} - # Config as Data Plugin configuration - configAsData: - # The namespace where Porch managed resources live. - resourcesNamespace: {{.resourcesNamespace}} + # Config as Data Plugin configuration + configAsData: + # The namespace where Porch managed resources live. 
+ resourcesNamespace: {{.resourcesNamespace}} - # Do not use Config Sync - gitOpsDeliveryTool: none + # Do not use Config Sync + gitOpsDeliveryTool: none - # Management cluster configuration - clusterLocatorMethod: - authProvider: ${AUTH_PROVIDER} + # Management cluster configuration + clusterLocatorMethod: + authProvider: ${AUTH_PROVIDER} - # For authProvider: oidc - oidcTokenProvider: ${AUTH_OIDC_TOKEN_PROVIDER} + # For authProvider: oidc + oidcTokenProvider: ${AUTH_OIDC_TOKEN_PROVIDER} - # For authProvider: service-account - serviceAccountToken: ${AUTH_SERVICE_ACCOUNT_TOKEN} + # For authProvider: service-account + serviceAccountToken: ${AUTH_SERVICE_ACCOUNT_TOKEN} - # Nephio branding customizations - branding: - title: Nephio - header: - logoUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio_logo_colorwhite_horizontal.svg - backgroundImageUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio-background.png + # Nephio branding customizations + branding: + title: Nephio + header: + logoUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio_logo_colorwhite_horizontal.svg + backgroundImageUrl: https://raw.githubusercontent.com/nephio-project/kpt-backstage-plugins/v1.0.1/packages/app/public/nephio-background.png diff --git a/update_packages.sh b/update_packages.sh index e6b5eda..35faa3d 100755 --- a/update_packages.sh +++ b/update_packages.sh @@ -60,3 +60,5 @@ fi multus_version="v$(get_github_latest_release k8snetworkplumbingwg/multus-cni)" curl -sL -o multus/multus-daemonset-thick.yml "https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/$multus_version/deployments/multus-daemonset-thick.yml" sed -i "s/snapshot-thick/$multus_version-thick/g" ./infra/capi/multus/multus-daemonset-thick.yml + +make fmt 
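Review bot: The added `make fmt` runs straight after downloads made with `curl -sL`, which has no `--fail`, so an HTTP error body would be saved as `multus-daemonset-thick.yml` and then reformatted as if it were a real manifest; using `curl -fsSL` would let the script's `errexit` stop the run instead. In the context lines of this same hunk the download is written to `multus/multus-daemonset-thick.yml` while `sed -i` edits `./infra/capi/multus/multus-daemonset-thick.yml`, so the version substitution may be applied to a different (possibly stale) file; it is worth confirming which path is intended. Since the script follows whatever `releases/latest` resolves to and the fetched content is not checksum-verified, I would also put a comment above `make fmt` such as `# fetched manifests are unverified upstream content: review the git diff before committing`.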
diff --git a/workloads/free5gc/free5gc-cp/ausf/ausf-configmap.yaml b/workloads/free5gc/free5gc-cp/ausf/ausf-configmap.yaml index 7a9d3d3..f6c0ca1 100644 --- a/workloads/free5gc/free5gc-cp/ausf/ausf-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/ausf/ausf-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -15,7 +14,7 @@ data: configuration: serviceNameList: - nausf-auth - + sbi: scheme: http registerIPv4: ausf-nausf # IP used to register to NRF @@ -24,7 +23,7 @@ data: tls: key: config/TLS/ausf.key pem: config/TLS/ausf.pem - + nrfUri: http://nrf-nnrf:8000 plmnSupportList: - mcc: 208 diff --git a/workloads/free5gc/free5gc-cp/ausf/ausf-deployment.yaml b/workloads/free5gc/free5gc-cp/ausf/ausf-deployment.yaml index 3dc7266..de3120d 100644 --- a/workloads/free5gc/free5gc-cp/ausf/ausf-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/ausf/ausf-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -20,30 +19,29 @@ spec: nf: ausf spec: initContainers: - - name: wait-nrf - image: towards5gs/initcurl:1.0.0 - env: - - name: DEPENDENCIES - value: http://nrf-nnrf:8000 - command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] - + - name: wait-nrf + image: towards5gs/initcurl:1.0.0 + env: + - name: DEPENDENCIES + value: http://nrf-nnrf:8000 + command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] + containers: - - name: ausf - image: towards5gs/free5gc-ausf:v3.1.1 - imagePullPolicy: IfNotPresent - securityContext: - {} - ports: - - containerPort: 80 - command: ["./ausf"] - args: ["-c", "../config/ausfcfg.yaml"] - env: - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: ausf-volume - resources: + - name: ausf + image: towards5gs/free5gc-ausf:v3.1.1 + imagePullPolicy: IfNotPresent + securityContext: {} + ports: + - containerPort: 80 + command: ["./ausf"] + args: ["-c", "../config/ausfcfg.yaml"] + env: + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: ausf-volume + resources: limits: cpu: 100m memory: 128Mi @@ -54,8 +52,8 @@ spec: restartPolicy: Always volumes: - - name: ausf-volume - projected: - sources: - - configMap: - name: ausf-configmap + - name: ausf-volume + projected: + sources: + - configMap: + name: ausf-configmap diff --git a/workloads/free5gc/free5gc-cp/ausf/ausf-service.yaml b/workloads/free5gc/free5gc-cp/ausf/ausf-service.yaml index e5e04da..b2d0459 100644 --- a/workloads/free5gc/free5gc-cp/ausf/ausf-service.yaml +++ b/workloads/free5gc/free5gc-cp/ausf/ausf-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: 
diff --git a/workloads/free5gc/free5gc-cp/mongodb/dep-sts.yaml b/workloads/free5gc/free5gc-cp/mongodb/dep-sts.yaml index 2ff3b55..a216579 100644 --- a/workloads/free5gc/free5gc-cp/mongodb/dep-sts.yaml +++ b/workloads/free5gc/free5gc-cp/mongodb/dep-sts.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: StatefulSet metadata: @@ -24,7 +23,7 @@ spec: app.kubernetes.io/instance: free5gc app.kubernetes.io/component: mongodb spec: - + serviceAccountName: mongodb affinity: podAffinity: @@ -41,7 +40,7 @@ spec: topologyKey: kubernetes.io/hostname weight: 1 nodeAffinity: - + securityContext: fsGroup: 1001 sysctls: [] @@ -98,7 +97,7 @@ spec: volumeMounts: - name: datadir mountPath: /bitnami/mongodb/data/db/ - subPath: + subPath: volumes: volumeClaimTemplates: - metadata: diff --git a/workloads/free5gc/free5gc-cp/mongodb/serviceaccount.yaml b/workloads/free5gc/free5gc-cp/mongodb/serviceaccount.yaml index d3d4789..067a499 100644 --- a/workloads/free5gc/free5gc-cp/mongodb/serviceaccount.yaml +++ b/workloads/free5gc/free5gc-cp/mongodb/serviceaccount.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/workloads/free5gc/free5gc-cp/mongodb/svc.yaml b/workloads/free5gc/free5gc-cp/mongodb/svc.yaml index 3195df7..ceeef02 100644 --- a/workloads/free5gc/free5gc-cp/mongodb/svc.yaml +++ b/workloads/free5gc/free5gc-cp/mongodb/svc.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/workloads/free5gc/free5gc-cp/nrf/nrf-configmap.yaml b/workloads/free5gc/free5gc-cp/nrf/nrf-configmap.yaml index e8cab94..b47f86e 100644 --- a/workloads/free5gc/free5gc-cp/nrf/nrf-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/nrf/nrf-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -11,7 +10,7 @@ data: info: version: 1.0.1 description: NRF initial local configuration - + configuration: MongoDBName: free5gc MongoDBUrl: mongodb://mongodb:27017 
diff --git a/workloads/free5gc/free5gc-cp/nrf/nrf-deployment.yaml b/workloads/free5gc/free5gc-cp/nrf/nrf-deployment.yaml index 5f1aae1..e1ab6fc 100644 --- a/workloads/free5gc/free5gc-cp/nrf/nrf-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/nrf/nrf-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -20,61 +19,60 @@ spec: nf: nrf spec: initContainers: - - name: wait-mongo - image: busybox:1.32.0 - env: - - name: DEPENDENCIES - value: mongodb:27017 - command: ["sh", "-c", "until nc -z $DEPENDENCIES; do echo waiting for the MongoDB; sleep 2; done;"] + - name: wait-mongo + image: busybox:1.32.0 + env: + - name: DEPENDENCIES + value: mongodb:27017 + command: ["sh", "-c", "until nc -z $DEPENDENCIES; do echo waiting for the MongoDB; sleep 2; done;"] containers: - - name: nrf - image: towards5gs/free5gc-nrf:v3.1.1 - imagePullPolicy: IfNotPresent - securityContext: - {} - ports: - - containerPort: 8000 - command: ["./nrf"] - args: ["-c", "../config/nrfcfg.yaml"] - env: - - name: DB_URI - value: mongodb://mongodb/free5gc - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: nrf-volume - resources: + - name: nrf + image: towards5gs/free5gc-nrf:v3.1.1 + imagePullPolicy: IfNotPresent + securityContext: {} + ports: + - containerPort: 8000 + command: ["./nrf"] + args: ["-c", "../config/nrfcfg.yaml"] + env: + - name: DB_URI + value: mongodb://mongodb/free5gc + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: nrf-volume + resources: limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi - readinessProbe: - initialDelaySeconds: 0 - periodSeconds: 1 - timeoutSeconds: 1 - failureThreshold: 40 - successThreshold: 1 - httpGet: - scheme: "HTTP" - port: 8000 - livenessProbe: - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 10 - failureThreshold: 3 - successThreshold: 1 - httpGet: - scheme: "HTTP" - port: 8000 + readinessProbe: + initialDelaySeconds: 0 + periodSeconds: 1 + timeoutSeconds: 1 + failureThreshold: 40 + successThreshold: 1 + httpGet: + scheme: "HTTP" + port: 8000 + livenessProbe: + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 10 + failureThreshold: 3 + successThreshold: 1 + httpGet: + scheme: "HTTP" + port: 8000 dnsPolicy: ClusterFirst 
restartPolicy: Always volumes: - - name: nrf-volume - projected: - sources: - - configMap: - name: nrf-configmap + - name: nrf-volume + projected: + sources: + - configMap: + name: nrf-configmap diff --git a/workloads/free5gc/free5gc-cp/nrf/nrf-service.yaml b/workloads/free5gc/free5gc-cp/nrf/nrf-service.yaml index d69fe9a..747040a 100644 --- a/workloads/free5gc/free5gc-cp/nrf/nrf-service.yaml +++ b/workloads/free5gc/free5gc-cp/nrf/nrf-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/workloads/free5gc/free5gc-cp/nssf/nssf-configmap.yaml b/workloads/free5gc/free5gc-cp/nssf/nssf-configmap.yaml index 30b3345..36e00a1 100644 --- a/workloads/free5gc/free5gc-cp/nssf/nssf-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/nssf/nssf-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: 
@@ -7,337 +6,4 @@ metadata: app.kubernetes.io/version: "v3.1.1" app: free5gc data: - nssfcfg.yaml: | - info: - version: 1.0.1 - description: NSSF initial local configuration - - configuration: - serviceNameList: - - nnssf-nsselection - - nnssf-nssaiavailability - - sbi: - scheme: http - registerIPv4: nssf-nnssf # IP used to register to NRF - bindingIPv4: 0.0.0.0 # IP used to bind the service - port: 80 - tls: - key: config/TLS/nssf.key - pem: config/TLS/nssf.pem - - nrfUri: http://nrf-nnrf:8000 - - nsiList: - - snssai: - sst: 1 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 10 - - snssai: - sst: 1 - sd: 1 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 11 - - snssai: - sst: 1 - sd: 2 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 12 - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 12 - - snssai: - sst: 1 - sd: 3 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 13 - - snssai: - sst: 2 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 20 - - snssai: - sst: 2 - sd: 1 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 21 - - snssai: - sst: 1 - sd: 010203 - nsiInformationList: - - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances - nsiId: 22 - amfSetList: - - amfSetId: 1 - amfList: - - ffa2e8d7-3275-49c7-8631-6af1df1d9d26 - - 0e8831c3-6286-4689-ab27-1e2161e15cb1 - - a1fba9ba-2e39-4e22-9c74-f749da571d0d - nrfAmfSet: http://nrf-nnrf:8081/nnrf-nfm/v1/nf-instances - supportedNssaiAvailabilityData: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33456 - supportedSnssaiList: - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - sst: 2 - sd: 1 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33457 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - amfSetId: 2 - nrfAmfSet: 
http://nrf-nnrf:8084/nnrf-nfm/v1/nf-instances - supportedNssaiAvailabilityData: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33456 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 3 - - sst: 2 - sd: 1 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33458 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 2 - nssfName: NSSF - supportedPlmnList: - - mcc: 208 - mnc: 93 - supportedNssaiInPlmnList: - - plmnId: - mcc: 208 - mnc: 93 - supportedSnssaiList: - - sst: 1 - sd: 010203 - - sst: 1 - sd: 112233 - - sst: 1 - sd: 3 - - sst: 2 - sd: 1 - - sst: 2 - sd: 2 - amfList: - - nfId: 469de254-2fe5-4ca0-8381-af3f500af77c - supportedNssaiAvailabilityData: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33456 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 2 - - sst: 2 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33457 - supportedSnssaiList: - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - nfId: fbe604a8-27b2-417e-bd7c-8a7be2691f8d - supportedNssaiAvailabilityData: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33458 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 3 - - sst: 2 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33459 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 2 - - sst: 2 - sd: 1 - - nfId: b9e6e2cb-5ce8-4cb6-9173-a266dd9a2f0c - supportedNssaiAvailabilityData: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33456 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - sst: 2 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33458 - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 2 - - sst: 2 - sd: 1 - taList: - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33456 - accessType: 3GPP_ACCESS - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - sst: 2 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33457 - accessType: 3GPP_ACCESS - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 2 - - sst: 2 - - tai: - plmnId: - mcc: 466 - mnc: 92 - 
tac: 33458 - accessType: 3GPP_ACCESS - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 1 - sd: 3 - - sst: 2 - restrictedSnssaiList: - - homePlmnId: - mcc: 310 - mnc: 560 - sNssaiList: - - sst: 1 - sd: 3 - - tai: - plmnId: - mcc: 466 - mnc: 92 - tac: 33459 - accessType: 3GPP_ACCESS - supportedSnssaiList: - - sst: 1 - - sst: 1 - sd: 1 - - sst: 2 - - sst: 2 - sd: 1 - restrictedSnssaiList: - - homePlmnId: - mcc: 310 - mnc: 560 - sNssaiList: - - sst: 2 - sd: 1 - mappingListFromPlmn: - - operatorName: NTT Docomo - homePlmnId: - mcc: 440 - mnc: 10 - mappingOfSnssai: - - servingSnssai: - sst: 1 - sd: 1 - homeSnssai: - sst: 1 - sd: 1 - - servingSnssai: - sst: 1 - sd: 2 - homeSnssai: - sst: 1 - sd: 3 - - servingSnssai: - sst: 1 - sd: 3 - homeSnssai: - sst: 1 - sd: 4 - - servingSnssai: - sst: 2 - sd: 1 - homeSnssai: - sst: 2 - sd: 2 - - operatorName: AT&T Mobility - homePlmnId: - mcc: 310 - mnc: 560 - mappingOfSnssai: - - servingSnssai: - sst: 1 - sd: 1 - homeSnssai: - sst: 1 - sd: 2 - - servingSnssai: - sst: 1 - sd: 2 - homeSnssai: - sst: 1 - sd: 3 - - logger: - NSSF: - ReportCaller: false - debugLevel: info + nssfcfg.yaml: "info:\n version: 1.0.1\n description: NSSF initial local configuration\n #magic___^_^___line\nconfiguration:\n serviceNameList:\n - nnssf-nsselection\n - nnssf-nssaiavailability\n #magic___^_^___line\n sbi:\n scheme: http\n registerIPv4: nssf-nnssf # IP used to register to NRF\n bindingIPv4: 0.0.0.0 # IP used to bind the service\n port: 80\n tls:\n key: config/TLS/nssf.key\n pem: config/TLS/nssf.pem\n #magic___^_^___line\n nrfUri: http://nrf-nnrf:8000\n #magic___^_^___line\n nsiList:\n - snssai:\n sst: 1\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 10\n - snssai:\n sst: 1\n sd: 1\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 11\n - snssai:\n sst: 1\n sd: 2\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 12\n - nrfId: 
http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 12\n - snssai:\n sst: 1\n sd: 3\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 13\n - snssai:\n sst: 2\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 20\n - snssai:\n sst: 2\n sd: 1\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 21\n - snssai:\n sst: 1\n sd: 010203\n nsiInformationList:\n - nrfId: http://nrf-nnrf:8000/nnrf-nfm/v1/nf-instances\n nsiId: 22\n amfSetList:\n - amfSetId: 1\n amfList:\n - ffa2e8d7-3275-49c7-8631-6af1df1d9d26\n - 0e8831c3-6286-4689-ab27-1e2161e15cb1\n - a1fba9ba-2e39-4e22-9c74-f749da571d0d\n nrfAmfSet: http://nrf-nnrf:8081/nnrf-nfm/v1/nf-instances\n supportedNssaiAvailabilityData:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33456\n supportedSnssaiList:\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - sst: 2\n sd: 1\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33457\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - amfSetId: 2\n nrfAmfSet: http://nrf-nnrf:8084/nnrf-nfm/v1/nf-instances\n supportedNssaiAvailabilityData:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33456\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 3\n - sst: 2\n sd: 1\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33458\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 2\n nssfName: NSSF\n supportedPlmnList:\n - mcc: 208\n mnc: 93\n supportedNssaiInPlmnList:\n - plmnId:\n mcc: 208\n mnc: 93\n supportedSnssaiList:\n - sst: 1\n sd: 010203\n - sst: 1\n sd: 112233\n - sst: 1\n sd: 3\n - sst: 2\n sd: 1\n - sst: 2\n sd: 2\n amfList:\n - nfId: 469de254-2fe5-4ca0-8381-af3f500af77c\n supportedNssaiAvailabilityData:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33456\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 2\n - sst: 2\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33457\n supportedSnssaiList:\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - 
nfId: fbe604a8-27b2-417e-bd7c-8a7be2691f8d\n supportedNssaiAvailabilityData:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33458\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 3\n - sst: 2\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33459\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 2\n - sst: 2\n sd: 1\n - nfId: b9e6e2cb-5ce8-4cb6-9173-a266dd9a2f0c\n supportedNssaiAvailabilityData:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33456\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - sst: 2\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33458\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 2\n - sst: 2\n sd: 1\n taList:\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33456\n accessType: 3GPP_ACCESS\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - sst: 2\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33457\n accessType: 3GPP_ACCESS\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 2\n - sst: 2\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33458\n accessType: 3GPP_ACCESS\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 1\n sd: 3\n - sst: 2\n restrictedSnssaiList:\n - homePlmnId:\n mcc: 310\n mnc: 560\n sNssaiList:\n - sst: 1\n sd: 3\n - tai:\n plmnId:\n mcc: 466\n mnc: 92\n tac: 33459\n accessType: 3GPP_ACCESS\n supportedSnssaiList:\n - sst: 1\n - sst: 1\n sd: 1\n - sst: 2\n - sst: 2\n sd: 1\n restrictedSnssaiList:\n - homePlmnId:\n mcc: 310\n mnc: 560\n sNssaiList:\n - sst: 2\n sd: 1\n mappingListFromPlmn:\n - operatorName: NTT Docomo\n homePlmnId:\n mcc: 440\n mnc: 10\n mappingOfSnssai:\n - servingSnssai:\n sst: 1\n sd: 1\n homeSnssai:\n sst: 1\n sd: 1\n - servingSnssai:\n sst: 1\n sd: 2\n homeSnssai:\n sst: 1\n sd: 3\n - servingSnssai:\n sst: 1\n sd: 3\n homeSnssai:\n sst: 1\n sd: 4\n - servingSnssai:\n sst: 2\n sd: 1\n homeSnssai:\n sst: 2\n sd: 2\n - operatorName: AT&T Mobility\n homePlmnId:\n mcc: 310\n mnc: 560\n 
mappingOfSnssai:\n - servingSnssai:\n sst: 1\n sd: 1\n homeSnssai:\n sst: 1\n sd: 2\n - servingSnssai:\n sst: 1\n sd: 2\n homeSnssai:\n sst: 1\n sd: 3 \n #magic___^_^___line\nlogger:\n NSSF:\n ReportCaller: false\n debugLevel: info\n" diff --git a/workloads/free5gc/free5gc-cp/nssf/nssf-deployment.yaml b/workloads/free5gc/free5gc-cp/nssf/nssf-deployment.yaml index f5cf684..82effa9 100644 --- a/workloads/free5gc/free5gc-cp/nssf/nssf-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/nssf/nssf-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
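Review bot: The new `nssfcfg.yaml:` value replaces the `|` literal block with a single double-quoted, `\n`-escaped string, and it now carries `#magic___^_^___line` comment lines that look like a formatter's blank-line placeholder leaking into the ConfigMap data. The same happens to `udrcfg.yaml` in udr-configmap.yaml. The payload probably still parses, since the placeholders are YAML comments, but the SBI settings inside it (`scheme: http`, the `tls` key/pem paths, `nrfUri`) can no longer be reviewed line by line, so any later change to them would appear as one opaque line in a diff. The trigger is probably the trailing space kept before `\n` after `sd: 3` (and after `url: mongodb://mongodb:27017` in the UDR file); I would strip that whitespace in the source, keep `nssfcfg.yaml: |`, and remove the placeholder lines.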
@@ -20,30 +19,29 @@ spec: nf: nssf spec: initContainers: - - name: wait-nrf - image: towards5gs/initcurl:1.0.0 - env: - - name: DEPENDENCIES - value: http://nrf-nnrf:8000 - command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] + - name: wait-nrf + image: towards5gs/initcurl:1.0.0 + env: + - name: DEPENDENCIES + value: http://nrf-nnrf:8000 + command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] containers: - - name: nssf - image: towards5gs/free5gc-nssf:v3.1.1 - imagePullPolicy: IfNotPresent - securityContext: - {} - ports: - - containerPort: 80 - command: ["./nssf"] - args: ["-c", "../config/nssfcfg.yaml"] - env: - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: nssf-volume - resources: + - name: nssf + image: towards5gs/free5gc-nssf:v3.1.1 + imagePullPolicy: IfNotPresent + securityContext: {} + ports: + - containerPort: 80 + command: ["./nssf"] + args: ["-c", "../config/nssfcfg.yaml"] + env: + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: nssf-volume + resources: limits: cpu: 100m memory: 128Mi @@ -54,8 +52,8 @@ spec: restartPolicy: Always volumes: - - name: nssf-volume - projected: - sources: - - configMap: - name: nssf-configmap + - name: nssf-volume + projected: + sources: + - configMap: + name: nssf-configmap diff --git a/workloads/free5gc/free5gc-cp/nssf/nssf-service.yaml b/workloads/free5gc/free5gc-cp/nssf/nssf-service.yaml index fbbf3dd..59d36e0 100644 --- a/workloads/free5gc/free5gc-cp/nssf/nssf-service.yaml +++ b/workloads/free5gc/free5gc-cp/nssf/nssf-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: 
diff --git a/workloads/free5gc/free5gc-cp/pcf/pcf-configmap.yaml b/workloads/free5gc/free5gc-cp/pcf/pcf-configmap.yaml index ab923e0..094c01a 100644 --- a/workloads/free5gc/free5gc-cp/pcf/pcf-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/pcf/pcf-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -31,11 +30,11 @@ data: tls: key: config/TLS/pcf.key pem: config/TLS/pcf.pem - + mongodb: # the mongodb connected by this PCF name: free5gc # name of the mongodb url: mongodb://mongodb:27017 # a valid URL of the mongodb - + nrfUri: http://nrf-nnrf:8000 pcfName: PCF timeFormat: 2019-01-02 15:04:05 diff --git a/workloads/free5gc/free5gc-cp/pcf/pcf-deployment.yaml b/workloads/free5gc/free5gc-cp/pcf/pcf-deployment.yaml index ba34cf7..146b730 100644 --- a/workloads/free5gc/free5gc-cp/pcf/pcf-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/pcf/pcf-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -20,28 +19,28 @@ spec: nf: pcf spec: initContainers: - - name: wait-nrf - image: towards5gs/initcurl:1.0.0 - env: - - name: DEPENDENCIES - value: http://nrf-nnrf:8000 - command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] + - name: wait-nrf + image: towards5gs/initcurl:1.0.0 + env: + - name: DEPENDENCIES + value: http://nrf-nnrf:8000 + command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] containers: - - name: pcf - image: towards5gs/free5gc-pcf:v3.1.1 - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - command: ["./pcf"] - args: ["-c", "../config/pcfcfg.yaml"] - env: - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: pcf-volume - resources: + - name: pcf + image: towards5gs/free5gc-pcf:v3.1.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 + command: ["./pcf"] + args: ["-c", "../config/pcfcfg.yaml"] + env: + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: pcf-volume + resources: limits: cpu: 100m memory: 128Mi @@ -52,8 +51,8 @@ spec: restartPolicy: Always volumes: - - name: pcf-volume - projected: - sources: - - configMap: - name: pcf-configmap + - name: pcf-volume + projected: + sources: + - configMap: + name: pcf-configmap diff --git a/workloads/free5gc/free5gc-cp/pcf/pcf-service.yaml b/workloads/free5gc/free5gc-cp/pcf/pcf-service.yaml index fcab912..b68835a 100644 --- a/workloads/free5gc/free5gc-cp/pcf/pcf-service.yaml +++ b/workloads/free5gc/free5gc-cp/pcf/pcf-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: 
diff --git a/workloads/free5gc/free5gc-cp/udm/udm-configmap.yaml b/workloads/free5gc/free5gc-cp/udm/udm-configmap.yaml index 02e67d7..102f1bc 100644 --- a/workloads/free5gc/free5gc-cp/udm/udm-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/udm/udm-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -19,7 +18,7 @@ data: - nudm-ueau - nudm-ee - nudm-pp - + sbi: scheme: http registerIPv4: udm-nudm # IP used to register to NRF @@ -28,7 +27,7 @@ data: tls: key: config/TLS/udm.key pem: config/TLS/udm.pem - + nrfUri: http://nrf-nnrf:8000 # test data set from TS33501-f60 Annex C.4 SuciProfile: diff --git a/workloads/free5gc/free5gc-cp/udm/udm-deployment.yaml b/workloads/free5gc/free5gc-cp/udm/udm-deployment.yaml index da412b3..8fed88e 100644 --- a/workloads/free5gc/free5gc-cp/udm/udm-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/udm/udm-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -20,28 +19,28 @@ spec: nf: udm spec: initContainers: - - name: wait-nrf - image: towards5gs/initcurl:1.0.0 - env: - - name: DEPENDENCIES - value: http://nrf-nnrf:8000 - command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] + - name: wait-nrf + image: towards5gs/initcurl:1.0.0 + env: + - name: DEPENDENCIES + value: http://nrf-nnrf:8000 + command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] containers: - - name: udm - image: towards5gs/free5gc-udm:v3.1.1 - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - command: ["./udm"] - args: ["-c", "../config/udmcfg.yaml"] - env: - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: udm-volume - resources: + - name: udm + image: towards5gs/free5gc-udm:v3.1.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 + command: ["./udm"] + args: ["-c", "../config/udmcfg.yaml"] + env: + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: udm-volume + resources: limits: cpu: 100m memory: 128Mi @@ -52,8 +51,8 @@ spec: restartPolicy: Always volumes: - - name: udm-volume - projected: - sources: - - configMap: - name: udm-configmap + - name: udm-volume + projected: + sources: + - configMap: + name: udm-configmap diff --git a/workloads/free5gc/free5gc-cp/udm/udm-service.yaml b/workloads/free5gc/free5gc-cp/udm/udm-service.yaml index a2e1edf..5875fdc 100644 --- a/workloads/free5gc/free5gc-cp/udm/udm-service.yaml +++ b/workloads/free5gc/free5gc-cp/udm/udm-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: 
diff --git a/workloads/free5gc/free5gc-cp/udr/udr-configmap.yaml b/workloads/free5gc/free5gc-cp/udr/udr-configmap.yaml index c0772b1..a2f7441 100644 --- a/workloads/free5gc/free5gc-cp/udr/udr-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/udr/udr-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -7,37 +6,4 @@ metadata: app.kubernetes.io/version: "v3.1.1" app: free5gc data: - udrcfg.yaml: | - info: - version: 1.0.1 - description: UDR initial local configuration - - configuration: - sbi: - scheme: http - registerIPv4: udr-nudr # IP used to register to NRF - bindingIPv4: 0.0.0.0 # IP used to bind the service - port: 80 - tls: - key: config/TLS/udr.key - pem: config/TLS/udr.pem - - mongodb: - name: free5gc - url: mongodb://mongodb:27017 - - nrfUri: http://nrf-nnrf:8000 - - logger: - MongoDBLibrary: - ReportCaller: false - debugLevel: info - OpenApi: - ReportCaller: false - debugLevel: info - PathUtil: - ReportCaller: false - debugLevel: info - UDR: - ReportCaller: false - debugLevel: info + udrcfg.yaml: "info:\n version: 1.0.1\n description: UDR initial local configuration\n #magic___^_^___line\nconfiguration:\n sbi:\n scheme: http\n registerIPv4: udr-nudr # IP used to register to NRF\n bindingIPv4: 0.0.0.0 # IP used to bind the service\n port: 80\n tls:\n key: config/TLS/udr.key\n pem: config/TLS/udr.pem\n #magic___^_^___line\n mongodb:\n name: free5gc\n url: mongodb://mongodb:27017 \n #magic___^_^___line\n nrfUri: http://nrf-nnrf:8000\n #magic___^_^___line\nlogger:\n MongoDBLibrary:\n ReportCaller: false\n debugLevel: info\n OpenApi:\n ReportCaller: false\n debugLevel: info\n PathUtil:\n ReportCaller: false\n debugLevel: info\n UDR:\n ReportCaller: false\n debugLevel: info\n" diff --git a/workloads/free5gc/free5gc-cp/udr/udr-deployment.yaml b/workloads/free5gc/free5gc-cp/udr/udr-deployment.yaml index 2439619..c6aa748 100644 --- a/workloads/free5gc/free5gc-cp/udr/udr-deployment.yaml 
+++ b/workloads/free5gc/free5gc-cp/udr/udr-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: @@ -20,30 +19,30 @@ spec: nf: udr spec: initContainers: - - name: wait-nrf - image: towards5gs/initcurl:1.0.0 - env: - - name: DEPENDENCIES - value: http://nrf-nnrf:8000 - command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] + - name: wait-nrf + image: towards5gs/initcurl:1.0.0 + env: + - name: DEPENDENCIES + value: http://nrf-nnrf:8000 + command: ['sh', '-c', 'set -x; for dependency in $DEPENDENCIES; do while [ $(curl --insecure --connect-timeout 1 -s -o /dev/null -w "%{http_code}" $dependency) -ne 200 ]; do echo waiting for dependencies; sleep 1; done; done;'] containers: - - name: udr - image: towards5gs/free5gc-udr:v3.1.1 - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - command: ["./udr"] - args: ["-c", "../config/udrcfg.yaml"] - env: - - name: DB_URI - value: mongodb://mongodb/free5gc - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: udr-volume - resources: + - name: udr + image: towards5gs/free5gc-udr:v3.1.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 + command: ["./udr"] + args: ["-c", "../config/udrcfg.yaml"] + env: + - name: DB_URI + value: mongodb://mongodb/free5gc + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: udr-volume + resources: limits: cpu: 100m memory: 128Mi @@ -54,8 +53,8 @@ spec: restartPolicy: Always volumes: - - name: udr-volume - projected: - sources: - - configMap: - name: udr-configmap + - name: udr-volume + projected: + sources: + - configMap: + name: udr-configmap diff --git a/workloads/free5gc/free5gc-cp/udr/udr-service.yaml b/workloads/free5gc/free5gc-cp/udr/udr-service.yaml index 5780483..5d1259e 100644 
--- a/workloads/free5gc/free5gc-cp/udr/udr-service.yaml +++ b/workloads/free5gc/free5gc-cp/udr/udr-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/workloads/free5gc/free5gc-cp/webui/webui-configmap.yaml b/workloads/free5gc/free5gc-cp/webui/webui-configmap.yaml index b529ebd..dc413b3 100644 --- a/workloads/free5gc/free5gc-cp/webui/webui-configmap.yaml +++ b/workloads/free5gc/free5gc-cp/webui/webui-configmap.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: ConfigMap metadata: @@ -16,7 +15,7 @@ data: mongodb: name: free5gc url: mongodb://mongodb:27017 - + logger: WEBUI: ReportCaller: false diff --git a/workloads/free5gc/free5gc-cp/webui/webui-deployment.yaml b/workloads/free5gc/free5gc-cp/webui/webui-deployment.yaml index 503042d..3dfef49 100644 --- a/workloads/free5gc/free5gc-cp/webui/webui-deployment.yaml +++ b/workloads/free5gc/free5gc-cp/webui/webui-deployment.yaml @@ -1,4 +1,3 @@ ---- apiVersion: apps/v1 kind: Deployment metadata: 
@@ -20,57 +19,57 @@ spec: nf: webui spec: initContainers: - - name: wait-mongo - image: busybox:1.32.0 - env: - - name: DEPENDENCIES - value: mongodb:27017 - command: ["sh", "-c", "until nc -z $DEPENDENCIES; do echo waiting for the MongoDB; sleep 2; done;"] + - name: wait-mongo + image: busybox:1.32.0 + env: + - name: DEPENDENCIES + value: mongodb:27017 + command: ["sh", "-c", "until nc -z $DEPENDENCIES; do echo waiting for the MongoDB; sleep 2; done;"] containers: - - name: webui - image: towards5gs/free5gc-webui:v3.1.1 - imagePullPolicy: IfNotPresent - ports: - - containerPort: 5000 - command: ["./webconsole"] - args: ["-c", "../config/webuicfg.yaml"] - env: - - name: GIN_MODE - value: release - volumeMounts: - - mountPath: /free5gc/config/ - name: webui-volume - resources: + - name: webui + image: towards5gs/free5gc-webui:v3.1.1 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 5000 + command: ["./webconsole"] + args: ["-c", "../config/webuicfg.yaml"] + env: + - name: GIN_MODE + value: release + volumeMounts: + - mountPath: /free5gc/config/ + name: webui-volume + resources: limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi - readinessProbe: - initialDelaySeconds: 0 - periodSeconds: 1 - timeoutSeconds: 1 - failureThreshold: 40 - successThreshold: 1 - httpGet: - scheme: HTTP - port: 5000 - livenessProbe: - initialDelaySeconds: 120 - periodSeconds: 10 - timeoutSeconds: 10 - failureThreshold: 3 - successThreshold: 1 - httpGet: - scheme: HTTP - port: 5000 + readinessProbe: + initialDelaySeconds: 0 + periodSeconds: 1 + timeoutSeconds: 1 + failureThreshold: 40 + successThreshold: 1 + httpGet: + scheme: HTTP + port: 5000 + livenessProbe: + initialDelaySeconds: 120 + periodSeconds: 10 + timeoutSeconds: 10 + failureThreshold: 3 + successThreshold: 1 + httpGet: + scheme: HTTP + port: 5000 dnsPolicy: ClusterFirst restartPolicy: Always volumes: - - name: webui-volume - projected: - sources: - - configMap: - name: webui-configmap + - name: 
webui-volume + projected: + sources: + - configMap: + name: webui-configmap diff --git a/workloads/free5gc/free5gc-cp/webui/webui-service.yaml b/workloads/free5gc/free5gc-cp/webui/webui-service.yaml index 102a23c..dc57cea 100644 --- a/workloads/free5gc/free5gc-cp/webui/webui-service.yaml +++ b/workloads/free5gc/free5gc-cp/webui/webui-service.yaml @@ -1,4 +1,3 @@ ---- apiVersion: v1 kind: Service metadata: diff --git a/workloads/free5gc/free5gc-operator/operator/clusterrole.yaml b/workloads/free5gc/free5gc-operator/operator/clusterrole.yaml index a3d36c5..4360007 100644 --- a/workloads/free5gc/free5gc-operator/operator/clusterrole.yaml +++ b/workloads/free5gc/free5gc-operator/operator/clusterrole.yaml 
@@ -3,107 +3,107 @@ kind: ClusterRole metadata: name: free5gc-operator-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - configmaps - - services - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - apps - resources: - - deployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - deployments/status - verbs: - - get -- apiGroups: - - k8s.cni.cncf.io - resources: - - network-attachment-definitions - verbs: - - get - - list - - watch - - create -- apiGroups: - - workload.nephio.org - resources: - - nfdeployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - workload.nephio.org - resources: - - nfdeployments/status - verbs: - - get - - patch - - update -- apiGroups: - - ref.nephio.org - resources: - - configs - verbs: - - get - - list - - watch -- apiGroups: - - workload.nephio.org - resources: - - nfconfigs - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - services + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - apiGroups: + - 
k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch + - create + - apiGroups: + - workload.nephio.org + resources: + - nfdeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - workload.nephio.org + resources: + - nfdeployments/status + verbs: + - get + - patch + - update + - apiGroups: + - ref.nephio.org + resources: + - configs + verbs: + - get + - list + - watch + - apiGroups: + - workload.nephio.org + resources: + - nfconfigs + verbs: + - get + - list + - watch diff --git a/workloads/free5gc/free5gc-operator/operator/clusterrolebinding.yaml b/workloads/free5gc/free5gc-operator/operator/clusterrolebinding.yaml index ba4840a..7188548 100644 --- a/workloads/free5gc/free5gc-operator/operator/clusterrolebinding.yaml +++ b/workloads/free5gc/free5gc-operator/operator/clusterrolebinding.yaml @@ -8,6 +8,6 @@ roleRef: kind: ClusterRole name: free5gc-operator-role subjects: -- kind: ServiceAccount - name: free5gc-operator - namespace: free5gc + - kind: ServiceAccount + name: free5gc-operator + namespace: free5gc diff --git a/workloads/free5gc/free5gc-operator/operator/deployment.yaml b/workloads/free5gc/free5gc-operator/operator/deployment.yaml index 867f5ef..4550ac1 100644 --- a/workloads/free5gc/free5gc-operator/operator/deployment.yaml +++ b/workloads/free5gc/free5gc-operator/operator/deployment.yaml 
@@ -18,58 +18,58 @@ spec: spec: serviceAccountName: free5gc-operator containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - ports: - - containerPort: 8443 - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: operator - image: docker.io/nephio/free5gc-operator:v2.0.0 - command: - - /free5gc-operator - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - name: kube-rbac-proxy + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + ports: + - containerPort: 8443 + name: https + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - name: operator + image: docker.io/nephio/free5gc-operator:v2.0.0 + command: + - /free5gc-operator + args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + 
memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL diff --git a/workloads/free5gc/free5gc-operator/operator/role-leader-election.yaml b/workloads/free5gc/free5gc-operator/operator/role-leader-election.yaml index 16a0249..b643f72 100644 --- a/workloads/free5gc/free5gc-operator/operator/role-leader-election.yaml +++ b/workloads/free5gc/free5gc-operator/operator/role-leader-election.yaml @@ -4,34 +4,34 @@ metadata: namespace: free5gc name: free5gc-operator-leader-election-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - update - - patch - - create - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - update + - patch + - create + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/workloads/free5gc/free5gc-operator/operator/rolebinding-leader-election.yaml b/workloads/free5gc/free5gc-operator/operator/rolebinding-leader-election.yaml index afedc24..4703c94 100644 --- a/workloads/free5gc/free5gc-operator/operator/rolebinding-leader-election.yaml +++ b/workloads/free5gc/free5gc-operator/operator/rolebinding-leader-election.yaml @@ -8,5 +8,5 @@ roleRef: kind: Role name: free5gc-operator-leader-election-role subjects: -- kind: ServiceAccount - name: free5gc-operator + - kind: ServiceAccount + name: free5gc-operator diff --git a/workloads/free5gc/pkg-example-amf-bp/amfdeployment.yaml b/workloads/free5gc/pkg-example-amf-bp/amfdeployment.yaml index b478d1c..db228c8 100644 
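Review bot: The kube-rbac-proxy container in the deployment.yaml hunk keeps `- --v=10`, a very high log verbosity at which request details may be written to the pod log, possibly including authorization headers (to be confirmed for v0.8.0). `- --v=0` is enough for normal operation. That container also has no `securityContext`, while the operator container below it sets `allowPrivilegeEscalation: false` and drops all capabilities, so the proxy should carry the same block. Both images are referenced by tag only. Pinning by digest, for example `image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0@sha256:<digest>` (placeholder digest), would keep the deployed image from changing under the same tag.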
--- a/workloads/free5gc/pkg-example-amf-bp/amfdeployment.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/amfdeployment.yaml @@ -4,4 +4,4 @@ metadata: name: amf-example namespace: amf-example spec: - provider: amf.free5gc.io \ No newline at end of file + provider: amf.free5gc.io diff --git a/workloads/free5gc/pkg-example-amf-bp/apply-replacements-namespace.yaml b/workloads/free5gc/pkg-example-amf-bp/apply-replacements-namespace.yaml index 101bb24..fe21dba 100644 --- a/workloads/free5gc/pkg-example-amf-bp/apply-replacements-namespace.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/apply-replacements-namespace.yaml @@ -5,24 +5,24 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: namespace - fieldPath: data.namespace - targets: - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] + - source: + kind: ConfigMap + name: namespace + fieldPath: data.namespace + targets: + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/free5gc/pkg-example-amf-bp/apply-replacements-owner.yaml b/workloads/free5gc/pkg-example-amf-bp/apply-replacements-owner.yaml index 068d66e..bdc0979 100644 --- a/workloads/free5gc/pkg-example-amf-bp/apply-replacements-owner.yaml 
+++ b/workloads/free5gc/pkg-example-amf-bp/apply-replacements-owner.yaml @@ -5,43 +5,43 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/free5gc/pkg-example-amf-bp/dependency.yaml b/workloads/free5gc/pkg-example-amf-bp/dependency.yaml index f9bbf6d..f5537ae 100644 --- a/workloads/free5gc/pkg-example-amf-bp/dependency.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/dependency.yaml 
@@ -9,7 +9,7 @@ metadata: spec: packageName: free5gc-upf injectors: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFDeployment - spec: - provider: upf.free5gc.io + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFDeployment + spec: + provider: upf.free5gc.io diff --git a/workloads/free5gc/pkg-example-amf-bp/network_vpc-internal.yaml b/workloads/free5gc/pkg-example-amf-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/free5gc/pkg-example-amf-bp/network_vpc-internal.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/network_vpc-internal.yaml @@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-amf-bp/network_vpc-internet.yaml b/workloads/free5gc/pkg-example-amf-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/free5gc/pkg-example-amf-bp/network_vpc-internet.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/network_vpc-internet.yaml 
@@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-amf-bp/network_vpc-ran.yaml b/workloads/free5gc/pkg-example-amf-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/free5gc/pkg-example-amf-bp/network_vpc-ran.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-amf-bp/workload-cluster.yaml b/workloads/free5gc/pkg-example-amf-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/free5gc/pkg-example-amf-bp/workload-cluster.yaml +++ b/workloads/free5gc/pkg-example-amf-bp/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/free5gc/pkg-example-smf-bp/apply-replacements-namespace.yaml b/workloads/free5gc/pkg-example-smf-bp/apply-replacements-namespace.yaml index 101bb24..fe21dba 100644 --- a/workloads/free5gc/pkg-example-smf-bp/apply-replacements-namespace.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/apply-replacements-namespace.yaml 
@@ -5,24 +5,24 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: namespace - fieldPath: data.namespace - targets: - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] + - source: + kind: ConfigMap + name: namespace + fieldPath: data.namespace + targets: + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/free5gc/pkg-example-smf-bp/apply-replacements-owner.yaml b/workloads/free5gc/pkg-example-smf-bp/apply-replacements-owner.yaml index 068d66e..bdc0979 100644 --- a/workloads/free5gc/pkg-example-smf-bp/apply-replacements-owner.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/apply-replacements-owner.yaml 
@@ -5,43 +5,43 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/free5gc/pkg-example-smf-bp/dependency.yaml b/workloads/free5gc/pkg-example-smf-bp/dependency.yaml index fc5b829..652ab7b 100644 --- a/workloads/free5gc/pkg-example-smf-bp/dependency.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/dependency.yaml 
@@ -9,7 +9,7 @@ metadata: spec: packageName: free5gc-upf injectors: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFDeployment - spec: - provider: upf.free5gc.io + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFDeployment + spec: + provider: upf.free5gc.io diff --git a/workloads/free5gc/pkg-example-smf-bp/network_vpc-internal.yaml b/workloads/free5gc/pkg-example-smf-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/free5gc/pkg-example-smf-bp/network_vpc-internal.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/network_vpc-internal.yaml @@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-smf-bp/network_vpc-internet.yaml b/workloads/free5gc/pkg-example-smf-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/free5gc/pkg-example-smf-bp/network_vpc-internet.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/network_vpc-internet.yaml 
@@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-smf-bp/network_vpc-ran.yaml b/workloads/free5gc/pkg-example-smf-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/free5gc/pkg-example-smf-bp/network_vpc-ran.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-smf-bp/workload-cluster.yaml b/workloads/free5gc/pkg-example-smf-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/free5gc/pkg-example-smf-bp/workload-cluster.yaml +++ b/workloads/free5gc/pkg-example-smf-bp/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/free5gc/pkg-example-upf-bp/apply-replacements-namespace.yaml b/workloads/free5gc/pkg-example-upf-bp/apply-replacements-namespace.yaml index b5aeddd..7130302 100644 --- a/workloads/free5gc/pkg-example-upf-bp/apply-replacements-namespace.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/apply-replacements-namespace.yaml 
@@ -5,20 +5,20 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] + - source: + kind: ConfigMap + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/free5gc/pkg-example-upf-bp/apply-replacements-owner.yaml b/workloads/free5gc/pkg-example-upf-bp/apply-replacements-owner.yaml index 6e85819..a5f76cb 100644 --- a/workloads/free5gc/pkg-example-upf-bp/apply-replacements-owner.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/apply-replacements-owner.yaml 
@@ -5,36 +5,36 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Capacity - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: DataNetwork - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Capacity + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: DataNetwork + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/free5gc/pkg-example-upf-bp/network_vpc-internal.yaml b/workloads/free5gc/pkg-example-upf-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/free5gc/pkg-example-upf-bp/network_vpc-internal.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/network_vpc-internal.yaml 
@@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-upf-bp/network_vpc-internet.yaml b/workloads/free5gc/pkg-example-upf-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/free5gc/pkg-example-upf-bp/network_vpc-internet.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/network_vpc-internet.yaml 
@@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-upf-bp/network_vpc-ran.yaml b/workloads/free5gc/pkg-example-upf-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/free5gc/pkg-example-upf-bp/network_vpc-ran.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/free5gc/pkg-example-upf-bp/upfdeployment.yaml b/workloads/free5gc/pkg-example-upf-bp/upfdeployment.yaml index 23861e0..4096438 100644 --- a/workloads/free5gc/pkg-example-upf-bp/upfdeployment.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/upfdeployment.yaml @@ -4,4 +4,4 @@ metadata: name: upf-example namespace: upf-example spec: - provider: upf.free5gc.io \ No newline at end of file + provider: upf.free5gc.io diff --git a/workloads/free5gc/pkg-example-upf-bp/workload-cluster.yaml b/workloads/free5gc/pkg-example-upf-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/free5gc/pkg-example-upf-bp/workload-cluster.yaml +++ b/workloads/free5gc/pkg-example-upf-bp/workload-cluster.yaml 
@@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/oai/oai-ran-operator/operator/clusterrole.yaml b/workloads/oai/oai-ran-operator/operator/clusterrole.yaml index 55c1b48..2732140 100644 --- a/workloads/oai/oai-ran-operator/operator/clusterrole.yaml +++ b/workloads/oai/oai-ran-operator/operator/clusterrole.yaml 
@@ -4,107 +4,107 @@ kind: ClusterRole metadata: name: oai-ran-operator-cluster-role rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - configmaps - - services - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - apps - resources: - - deployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - deployments/status - verbs: - - get -- apiGroups: - - k8s.cni.cncf.io - resources: - - network-attachment-definitions - verbs: - - get - - list - - watch - - create -- apiGroups: - - workload.nephio.org - resources: - - nfdeployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - workload.nephio.org - resources: - - nfdeployments/status - verbs: - - get - - patch - - update -- apiGroups: - - ref.nephio.org - resources: - - configs - verbs: - - get - - list - - watch -- apiGroups: - - workload.nephio.org - resources: - - nfconfigs - verbs: - - get - - list - - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - services + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - apiGroups: + 
- k8s.cni.cncf.io + resources: + - network-attachment-definitions + verbs: + - get + - list + - watch + - create + - apiGroups: + - workload.nephio.org + resources: + - nfdeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - workload.nephio.org + resources: + - nfdeployments/status + verbs: + - get + - patch + - update + - apiGroups: + - ref.nephio.org + resources: + - configs + verbs: + - get + - list + - watch + - apiGroups: + - workload.nephio.org + resources: + - nfconfigs + verbs: + - get + - list + - watch diff --git a/workloads/oai/oai-ran-operator/operator/deployment.yaml b/workloads/oai/oai-ran-operator/operator/deployment.yaml index 159c105..a419664 100644 --- a/workloads/oai/oai-ran-operator/operator/deployment.yaml +++ b/workloads/oai/oai-ran-operator/operator/deployment.yaml @@ -18,17 +18,17 @@ spec: spec: serviceAccountName: oai-ran-operator containers: - - name: operator - image: docker.io/nephio/oai-ran-controller:v2.0.0 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL + - name: operator + image: docker.io/nephio/oai-ran-controller:v2.0.0 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL diff --git a/workloads/oai/package-variants/oai-cucp.yaml b/workloads/oai/package-variants/oai-cucp.yaml index bd71f3f..ec34ded 100644 --- a/workloads/oai/package-variants/oai-cucp.yaml +++ b/workloads/oai/package-variants/oai-cucp.yaml @@ -13,4 +13,4 @@ spec: annotations: approval.nephio.org/policy: initial injectors: - - name: regional + - name: regional diff --git a/workloads/oai/package-variants/oai-cuup.yaml b/workloads/oai/package-variants/oai-cuup.yaml index 2a7879a..55845cb 100644 --- a/workloads/oai/package-variants/oai-cuup.yaml 
+++ b/workloads/oai/package-variants/oai-cuup.yaml @@ -13,4 +13,4 @@ spec: annotations: approval.nephio.org/policy: initial injectors: - - name: edge + - name: edge diff --git a/workloads/oai/package-variants/oai-du.yaml b/workloads/oai/package-variants/oai-du.yaml index f078a1e..24b0350 100644 --- a/workloads/oai/package-variants/oai-du.yaml +++ b/workloads/oai/package-variants/oai-du.yaml @@ -13,4 +13,4 @@ spec: annotations: approval.nephio.org/policy: initial injectors: - - name: edge + - name: edge diff --git a/workloads/oai/package-variants/oai-ran-operator.yaml b/workloads/oai/package-variants/oai-ran-operator.yaml index dcd4a14..e2f1ef7 100644 --- a/workloads/oai/package-variants/oai-ran-operator.yaml +++ b/workloads/oai/package-variants/oai-ran-operator.yaml @@ -8,9 +8,9 @@ spec: package: oai-ran-operator revision: v2.0.0 targets: - - objectSelector: - apiVersion: infra.nephio.org/v1alpha1 - kind: WorkloadCluster - template: - annotations: - approval.nephio.org/policy: initial + - objectSelector: + apiVersion: infra.nephio.org/v1alpha1 + kind: WorkloadCluster + template: + annotations: + approval.nephio.org/policy: initial diff --git a/workloads/oai/package-variants/oai-ue.yaml b/workloads/oai/package-variants/oai-ue.yaml index 347b0bf..2b7a425 100644 --- a/workloads/oai/package-variants/oai-ue.yaml +++ b/workloads/oai/package-variants/oai-ue.yaml @@ -13,4 +13,4 @@ spec: annotations: approval.nephio.org/policy: initial injectors: - - name: edge + - name: edge diff --git a/workloads/oai/pkg-example-cucp-bp/apply-replacements-namespace.yaml b/workloads/oai/pkg-example-cucp-bp/apply-replacements-namespace.yaml index 3b32d61..1022e0f 100644 --- a/workloads/oai/pkg-example-cucp-bp/apply-replacements-namespace.yaml +++ b/workloads/oai/pkg-example-cucp-bp/apply-replacements-namespace.yaml 
@@ -5,31 +5,31 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: Config - fieldPaths: - - metadata.namespace - - select: - kind: NFConfig - fieldPaths: - - metadata.namespace - - spec.configRefs.0.metadata.namespace - - spec.configRefs.1.metadata.namespace - - spec.configRefs.2.metadata.namespace - - select: - kind: NFDeployment - fieldPaths: - - spec.configRefs.[kind=Config].namespace - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] \ No newline at end of file + - source: + kind: ConfigMap + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: Config + fieldPaths: + - metadata.namespace + - select: + kind: NFConfig + fieldPaths: + - metadata.namespace + - spec.configRefs.0.metadata.namespace + - spec.configRefs.1.metadata.namespace + - spec.configRefs.2.metadata.namespace + - select: + kind: NFDeployment + fieldPaths: + - spec.configRefs.[kind=Config].namespace + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/oai/pkg-example-cucp-bp/apply-replacements-owner.yaml b/workloads/oai/pkg-example-cucp-bp/apply-replacements-owner.yaml index bd93557..1e508cc 100644 --- a/workloads/oai/pkg-example-cucp-bp/apply-replacements-owner.yaml +++ b/workloads/oai/pkg-example-cucp-bp/apply-replacements-owner.yaml 
@@ -5,29 +5,29 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 \ No newline at end of file + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/oai/pkg-example-cucp-bp/config_ran_nf.yaml b/workloads/oai/pkg-example-cucp-bp/config_ran_nf.yaml index 1c29427..564d09a 100644 --- a/workloads/oai/pkg-example-cucp-bp/config_ran_nf.yaml +++ b/workloads/oai/pkg-example-cucp-bp/config_ran_nf.yaml 
@@ -5,39 +5,39 @@ metadata: namespace: example spec: configRefs: - - apiVersion: workload.nephio.org/v1alpha1 - kind: RANConfig - metadata: - name: ranconfig - namespace: default - spec: - cellIdentity: 12345678L - physicalCellID: 0 - tac: 1 - downlinkFrequencyBand: 78 - downlinkSubCarrierSpacing: 1 - downlinkCarrierBandwidth: 106 - uplinkFrequencyBand: 78 - uplinkSubCarrierSpacing: 1 - uplinkCarrierBandwidth: 106 - - apiVersion: workload.nephio.org/v1alpha1 - kind: PLMN - metadata: - name: plmn - namespace: default - spec: - PLMNInfo: - - plmnID: - mcc: "001" - mnc: "01" + - apiVersion: workload.nephio.org/v1alpha1 + kind: RANConfig + metadata: + name: ranconfig + namespace: default + spec: + cellIdentity: 12345678L + physicalCellID: 0 tac: 1 - nssai: - - sd: ffffff - sst: 1 - - apiVersion: workload.nephio.org/v1alpha1 - kind: OAIConfig - metadata: - name: oai-nf-config - namespace: default - spec: - image: "docker.io/oaisoftwarealliance/oai-gnb:2023.w19" \ No newline at end of file + downlinkFrequencyBand: 78 + downlinkSubCarrierSpacing: 1 + downlinkCarrierBandwidth: 106 + uplinkFrequencyBand: 78 + uplinkSubCarrierSpacing: 1 + uplinkCarrierBandwidth: 106 + - apiVersion: workload.nephio.org/v1alpha1 + kind: PLMN + metadata: + name: plmn + namespace: default + spec: + PLMNInfo: + - plmnID: + mcc: "001" + mnc: "01" + tac: 1 + nssai: + - sd: ffffff + sst: 1 + - apiVersion: workload.nephio.org/v1alpha1 + kind: OAIConfig + metadata: + name: oai-nf-config + namespace: default + spec: + image: "docker.io/oaisoftwarealliance/oai-gnb:2023.w19" diff --git a/workloads/oai/pkg-example-cucp-bp/cucpdeployment.yaml b/workloads/oai/pkg-example-cucp-bp/cucpdeployment.yaml index cd918df..05a3bfa 100644 --- a/workloads/oai/pkg-example-cucp-bp/cucpdeployment.yaml +++ b/workloads/oai/pkg-example-cucp-bp/cucpdeployment.yaml 
@@ -1,12 +1,12 @@ apiVersion: workload.nephio.org/v1alpha1 kind: NFDeployment -metadata: +metadata: name: cucp-example namespace: example spec: provider: cucp.openairinterface.org capacity: parametersRefs: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFConfig - name: cucp-nf-config \ No newline at end of file + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFConfig + name: cucp-nf-config diff --git a/workloads/oai/pkg-example-cucp-bp/dependency_amf.yaml b/workloads/oai/pkg-example-cucp-bp/dependency_amf.yaml index 1b08330..6f08795 100644 --- a/workloads/oai/pkg-example-cucp-bp/dependency_amf.yaml +++ b/workloads/oai/pkg-example-cucp-bp/dependency_amf.yaml @@ -9,5 +9,5 @@ metadata: spec: packageName: oai-amf injectors: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFDeployment + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFDeployment diff --git a/workloads/oai/pkg-example-cucp-bp/interface-e1.yaml b/workloads/oai/pkg-example-cucp-bp/interface-e1.yaml index a775099..fb27054 100644 --- a/workloads/oai/pkg-example-cucp-bp/interface-e1.yaml +++ b/workloads/oai/pkg-example-cucp-bp/interface-e1.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-cu-e1 cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/interface-f1c.yaml b/workloads/oai/pkg-example-cucp-bp/interface-f1c.yaml index 75527ea..7d51b5d 100644 --- a/workloads/oai/pkg-example-cucp-bp/interface-f1c.yaml +++ b/workloads/oai/pkg-example-cucp-bp/interface-f1c.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-cudu-f1 cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/interface-n2.yaml b/workloads/oai/pkg-example-cucp-bp/interface-n2.yaml index 4b948e1..ae86420 100644 --- a/workloads/oai/pkg-example-cucp-bp/interface-n2.yaml +++ b/workloads/oai/pkg-example-cucp-bp/interface-n2.yaml 
@@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-ran cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/network_vpc-cu-e1.yaml b/workloads/oai/pkg-example-cucp-bp/network_vpc-cu-e1.yaml index 45685b9..cba99c5 100644 --- a/workloads/oai/pkg-example-cucp-bp/network_vpc-cu-e1.yaml +++ b/workloads/oai/pkg-example-cucp-bp/network_vpc-cu-e1.yaml @@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cu-e1 - prefixes: - - prefix: 172:4::/32 - labels: - nephio.org/network-name: e1 - - prefix: 172.4.0.0/16 - labels: - nephio.org/network-name: e1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cu-e1 - bridgeDomains: - - name: vpc-cu-e1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cu-e1 + prefixes: + - prefix: 172:4::/32 + labels: + nephio.org/network-name: e1 + - prefix: 172.4.0.0/16 + labels: + nephio.org/network-name: e1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cu-e1 + bridgeDomains: + - name: vpc-cu-e1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/network_vpc-cudu-f1.yaml b/workloads/oai/pkg-example-cucp-bp/network_vpc-cudu-f1.yaml index efe0936..a2815c2 100644 --- a/workloads/oai/pkg-example-cucp-bp/network_vpc-cudu-f1.yaml +++ b/workloads/oai/pkg-example-cucp-bp/network_vpc-cudu-f1.yaml 
@@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cudu-f1 - prefixes: - - prefix: 172:5::/32 - labels: - nephio.org/network-name: f1 - - prefix: 172.5.0.0/16 - labels: - nephio.org/network-name: f1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cudu-f1 - bridgeDomains: - - name: vpc-cudu-f1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cudu-f1 + prefixes: + - prefix: 172:5::/32 + labels: + nephio.org/network-name: f1 + - prefix: 172.5.0.0/16 + labels: + nephio.org/network-name: f1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cudu-f1 + bridgeDomains: + - name: vpc-cudu-f1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/network_vpc-internal.yaml b/workloads/oai/pkg-example-cucp-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/oai/pkg-example-cucp-bp/network_vpc-internal.yaml +++ b/workloads/oai/pkg-example-cucp-bp/network_vpc-internal.yaml @@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan 
diff --git a/workloads/oai/pkg-example-cucp-bp/network_vpc-internet.yaml b/workloads/oai/pkg-example-cucp-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/oai/pkg-example-cucp-bp/network_vpc-internet.yaml +++ b/workloads/oai/pkg-example-cucp-bp/network_vpc-internet.yaml @@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/network_vpc-ran.yaml b/workloads/oai/pkg-example-cucp-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/oai/pkg-example-cucp-bp/network_vpc-ran.yaml +++ b/workloads/oai/pkg-example-cucp-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cucp-bp/workload-cluster.yaml b/workloads/oai/pkg-example-cucp-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/oai/pkg-example-cucp-bp/workload-cluster.yaml +++ b/workloads/oai/pkg-example-cucp-bp/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/oai/pkg-example-cuup-bp/apply-replacements-namespace.yaml b/workloads/oai/pkg-example-cuup-bp/apply-replacements-namespace.yaml index 3b32d61..1022e0f 100644 --- a/workloads/oai/pkg-example-cuup-bp/apply-replacements-namespace.yaml +++ b/workloads/oai/pkg-example-cuup-bp/apply-replacements-namespace.yaml 
@@ -5,31 +5,31 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: Config - fieldPaths: - - metadata.namespace - - select: - kind: NFConfig - fieldPaths: - - metadata.namespace - - spec.configRefs.0.metadata.namespace - - spec.configRefs.1.metadata.namespace - - spec.configRefs.2.metadata.namespace - - select: - kind: NFDeployment - fieldPaths: - - spec.configRefs.[kind=Config].namespace - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] \ No newline at end of file + - source: + kind: ConfigMap + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: Config + fieldPaths: + - metadata.namespace + - select: + kind: NFConfig + fieldPaths: + - metadata.namespace + - spec.configRefs.0.metadata.namespace + - spec.configRefs.1.metadata.namespace + - spec.configRefs.2.metadata.namespace + - select: + kind: NFDeployment + fieldPaths: + - spec.configRefs.[kind=Config].namespace + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/oai/pkg-example-cuup-bp/apply-replacements-owner.yaml b/workloads/oai/pkg-example-cuup-bp/apply-replacements-owner.yaml index bd93557..1e508cc 100644 --- a/workloads/oai/pkg-example-cuup-bp/apply-replacements-owner.yaml +++ b/workloads/oai/pkg-example-cuup-bp/apply-replacements-owner.yaml 
@@ -5,29 +5,29 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 \ No newline at end of file + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/oai/pkg-example-cuup-bp/config_ran_nf.yaml b/workloads/oai/pkg-example-cuup-bp/config_ran_nf.yaml index e125ae6..01c5702 100644 --- a/workloads/oai/pkg-example-cuup-bp/config_ran_nf.yaml +++ b/workloads/oai/pkg-example-cuup-bp/config_ran_nf.yaml 
@@ -5,39 +5,39 @@ metadata: namespace: example spec: configRefs: - - apiVersion: workload.nephio.org/v1alpha1 - kind: RANConfig - metadata: - name: ranconfig - namespace: default - spec: - cellIdentity: 12345678L - physicalCellID: 0 - tac: 1 - downlinkFrequencyBand: 78 - downlinkSubCarrierSpacing: 1 - downlinkCarrierBandwidth: 106 - uplinkFrequencyBand: 78 - uplinkSubCarrierSpacing: 1 - uplinkCarrierBandwidth: 106 - - apiVersion: workload.nephio.org/v1alpha1 - kind: PLMN - metadata: - name: plmn - namespace: default - spec: - PLMNInfo: - - plmnID: - mcc: "001" - mnc: "01" + - apiVersion: workload.nephio.org/v1alpha1 + kind: RANConfig + metadata: + name: ranconfig + namespace: default + spec: + cellIdentity: 12345678L + physicalCellID: 0 tac: 1 - nssai: - - sd: ffffff - sst: 1 - - apiVersion: workload.nephio.org/v1alpha1 - kind: OAIConfig - metadata: - name: oai-nf-config - namespace: default - spec: - image: "docker.io/oaisoftwarealliance/oai-nr-cuup:2023.w19" \ No newline at end of file + downlinkFrequencyBand: 78 + downlinkSubCarrierSpacing: 1 + downlinkCarrierBandwidth: 106 + uplinkFrequencyBand: 78 + uplinkSubCarrierSpacing: 1 + uplinkCarrierBandwidth: 106 + - apiVersion: workload.nephio.org/v1alpha1 + kind: PLMN + metadata: + name: plmn + namespace: default + spec: + PLMNInfo: + - plmnID: + mcc: "001" + mnc: "01" + tac: 1 + nssai: + - sd: ffffff + sst: 1 + - apiVersion: workload.nephio.org/v1alpha1 + kind: OAIConfig + metadata: + name: oai-nf-config + namespace: default + spec: + image: "docker.io/oaisoftwarealliance/oai-nr-cuup:2023.w19" diff --git a/workloads/oai/pkg-example-cuup-bp/cuupdeployment.yaml b/workloads/oai/pkg-example-cuup-bp/cuupdeployment.yaml index a584196..5305ca1 100644 --- a/workloads/oai/pkg-example-cuup-bp/cuupdeployment.yaml +++ b/workloads/oai/pkg-example-cuup-bp/cuupdeployment.yaml @@ -1,6 +1,6 @@ apiVersion: workload.nephio.org/v1alpha1 kind: NFDeployment -metadata: +metadata: name: cuup-example namespace: example spec: 
@@ -8,4 +8,4 @@ spec: parametersRefs: - apiVersion: workload.nephio.org/v1alpha1 kind: NFConfig - name: cuup-nf-config \ No newline at end of file + name: cuup-nf-config diff --git a/workloads/oai/pkg-example-cuup-bp/dependency_cucp.yaml b/workloads/oai/pkg-example-cuup-bp/dependency_cucp.yaml index 59ae0a9..1b6dc14 100644 --- a/workloads/oai/pkg-example-cuup-bp/dependency_cucp.yaml +++ b/workloads/oai/pkg-example-cuup-bp/dependency_cucp.yaml @@ -9,5 +9,5 @@ metadata: spec: packageName: oai-ran-cucp injectors: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFDeployment + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFDeployment diff --git a/workloads/oai/pkg-example-cuup-bp/interface-e1.yaml b/workloads/oai/pkg-example-cuup-bp/interface-e1.yaml index a1cb55b..eb3b322 100644 --- a/workloads/oai/pkg-example-cuup-bp/interface-e1.yaml +++ b/workloads/oai/pkg-example-cuup-bp/interface-e1.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-cu-e1 cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/interface-f1u.yaml b/workloads/oai/pkg-example-cuup-bp/interface-f1u.yaml index 5369815..818a382 100644 --- a/workloads/oai/pkg-example-cuup-bp/interface-f1u.yaml +++ b/workloads/oai/pkg-example-cuup-bp/interface-f1u.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-cudu-f1 cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/interface-n3.yaml b/workloads/oai/pkg-example-cuup-bp/interface-n3.yaml index 57b089c..7d46cc6 100644 --- a/workloads/oai/pkg-example-cuup-bp/interface-n3.yaml +++ b/workloads/oai/pkg-example-cuup-bp/interface-n3.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-ran cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan 
diff --git a/workloads/oai/pkg-example-cuup-bp/network_vpc-cu-e1.yaml b/workloads/oai/pkg-example-cuup-bp/network_vpc-cu-e1.yaml index 45685b9..cba99c5 100644 --- a/workloads/oai/pkg-example-cuup-bp/network_vpc-cu-e1.yaml +++ b/workloads/oai/pkg-example-cuup-bp/network_vpc-cu-e1.yaml @@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cu-e1 - prefixes: - - prefix: 172:4::/32 - labels: - nephio.org/network-name: e1 - - prefix: 172.4.0.0/16 - labels: - nephio.org/network-name: e1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cu-e1 - bridgeDomains: - - name: vpc-cu-e1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cu-e1 + prefixes: + - prefix: 172:4::/32 + labels: + nephio.org/network-name: e1 + - prefix: 172.4.0.0/16 + labels: + nephio.org/network-name: e1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cu-e1 + bridgeDomains: + - name: vpc-cu-e1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/network_vpc-cudu-f1.yaml b/workloads/oai/pkg-example-cuup-bp/network_vpc-cudu-f1.yaml index efe0936..a2815c2 100644 --- a/workloads/oai/pkg-example-cuup-bp/network_vpc-cudu-f1.yaml +++ b/workloads/oai/pkg-example-cuup-bp/network_vpc-cudu-f1.yaml 
@@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cudu-f1 - prefixes: - - prefix: 172:5::/32 - labels: - nephio.org/network-name: f1 - - prefix: 172.5.0.0/16 - labels: - nephio.org/network-name: f1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cudu-f1 - bridgeDomains: - - name: vpc-cudu-f1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cudu-f1 + prefixes: + - prefix: 172:5::/32 + labels: + nephio.org/network-name: f1 + - prefix: 172.5.0.0/16 + labels: + nephio.org/network-name: f1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cudu-f1 + bridgeDomains: + - name: vpc-cudu-f1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/network_vpc-internal.yaml b/workloads/oai/pkg-example-cuup-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/oai/pkg-example-cuup-bp/network_vpc-internal.yaml +++ b/workloads/oai/pkg-example-cuup-bp/network_vpc-internal.yaml @@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan 
diff --git a/workloads/oai/pkg-example-cuup-bp/network_vpc-internet.yaml b/workloads/oai/pkg-example-cuup-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/oai/pkg-example-cuup-bp/network_vpc-internet.yaml +++ b/workloads/oai/pkg-example-cuup-bp/network_vpc-internet.yaml @@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/network_vpc-ran.yaml b/workloads/oai/pkg-example-cuup-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/oai/pkg-example-cuup-bp/network_vpc-ran.yaml +++ b/workloads/oai/pkg-example-cuup-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-cuup-bp/workload-cluster.yaml b/workloads/oai/pkg-example-cuup-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/oai/pkg-example-cuup-bp/workload-cluster.yaml +++ b/workloads/oai/pkg-example-cuup-bp/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/oai/pkg-example-du-bp/apply-replacements-namespace.yaml b/workloads/oai/pkg-example-du-bp/apply-replacements-namespace.yaml index 3b32d61..1022e0f 100644 --- a/workloads/oai/pkg-example-du-bp/apply-replacements-namespace.yaml +++ b/workloads/oai/pkg-example-du-bp/apply-replacements-namespace.yaml 
@@ -5,31 +5,31 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: Config - fieldPaths: - - metadata.namespace - - select: - kind: NFConfig - fieldPaths: - - metadata.namespace - - spec.configRefs.0.metadata.namespace - - spec.configRefs.1.metadata.namespace - - spec.configRefs.2.metadata.namespace - - select: - kind: NFDeployment - fieldPaths: - - spec.configRefs.[kind=Config].namespace - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] \ No newline at end of file + - source: + kind: ConfigMap + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: Config + fieldPaths: + - metadata.namespace + - select: + kind: NFConfig + fieldPaths: + - metadata.namespace + - spec.configRefs.0.metadata.namespace + - spec.configRefs.1.metadata.namespace + - spec.configRefs.2.metadata.namespace + - select: + kind: NFDeployment + fieldPaths: + - spec.configRefs.[kind=Config].namespace + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/oai/pkg-example-du-bp/apply-replacements-owner.yaml b/workloads/oai/pkg-example-du-bp/apply-replacements-owner.yaml index bd93557..1e508cc 100644 --- a/workloads/oai/pkg-example-du-bp/apply-replacements-owner.yaml +++ b/workloads/oai/pkg-example-du-bp/apply-replacements-owner.yaml 
@@ -5,29 +5,29 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: NFDeployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: Dependency - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 \ No newline at end of file + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: NFDeployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: Dependency + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/oai/pkg-example-du-bp/config_ran_nf.yaml b/workloads/oai/pkg-example-du-bp/config_ran_nf.yaml index abdb5f6..577cdf7 100644 --- a/workloads/oai/pkg-example-du-bp/config_ran_nf.yaml +++ b/workloads/oai/pkg-example-du-bp/config_ran_nf.yaml 
@@ -5,39 +5,39 @@ metadata: namespace: example spec: configRefs: - - apiVersion: workload.nephio.org/v1alpha1 - kind: RANConfig - metadata: - name: ranconfig - namespace: default - spec: - cellIdentity: 12345678L - physicalCellID: 0 - tac: 1 - downlinkFrequencyBand: 78 - downlinkSubCarrierSpacing: 1 - downlinkCarrierBandwidth: 106 - uplinkFrequencyBand: 78 - uplinkSubCarrierSpacing: 1 - uplinkCarrierBandwidth: 106 - - apiVersion: workload.nephio.org/v1alpha1 - kind: PLMN - metadata: - name: plmn - namespace: default - spec: - PLMNInfo: - - plmnID: - mcc: "001" - mnc: "01" + - apiVersion: workload.nephio.org/v1alpha1 + kind: RANConfig + metadata: + name: ranconfig + namespace: default + spec: + cellIdentity: 12345678L + physicalCellID: 0 tac: 1 - nssai: - - sd: ffffff - sst: 1 - - apiVersion: workload.nephio.org/v1alpha1 - kind: OAIConfig - metadata: - name: oai-nf-config - namespace: default - spec: - image: "docker.io/oaisoftwarealliance/oai-gnb:2023.w19" \ No newline at end of file + downlinkFrequencyBand: 78 + downlinkSubCarrierSpacing: 1 + downlinkCarrierBandwidth: 106 + uplinkFrequencyBand: 78 + uplinkSubCarrierSpacing: 1 + uplinkCarrierBandwidth: 106 + - apiVersion: workload.nephio.org/v1alpha1 + kind: PLMN + metadata: + name: plmn + namespace: default + spec: + PLMNInfo: + - plmnID: + mcc: "001" + mnc: "01" + tac: 1 + nssai: + - sd: ffffff + sst: 1 + - apiVersion: workload.nephio.org/v1alpha1 + kind: OAIConfig + metadata: + name: oai-nf-config + namespace: default + spec: + image: "docker.io/oaisoftwarealliance/oai-gnb:2023.w19" diff --git a/workloads/oai/pkg-example-du-bp/dependency_cucp.yaml b/workloads/oai/pkg-example-du-bp/dependency_cucp.yaml index 6625c82..4d501e8 100644 --- a/workloads/oai/pkg-example-du-bp/dependency_cucp.yaml +++ b/workloads/oai/pkg-example-du-bp/dependency_cucp.yaml 
@@ -9,5 +9,5 @@ metadata: spec: packageName: oai-ran-cucp injectors: - - apiVersion: workload.nephio.org/v1alpha1 - kind: NFDeployment + - apiVersion: workload.nephio.org/v1alpha1 + kind: NFDeployment diff --git a/workloads/oai/pkg-example-du-bp/dudeployment.yaml b/workloads/oai/pkg-example-du-bp/dudeployment.yaml index cf96efa..a984d3c 100644 --- a/workloads/oai/pkg-example-du-bp/dudeployment.yaml +++ b/workloads/oai/pkg-example-du-bp/dudeployment.yaml @@ -1,6 +1,6 @@ apiVersion: workload.nephio.org/v1alpha1 kind: NFDeployment -metadata: +metadata: name: du-example namespace: example spec: @@ -8,4 +8,4 @@ spec: parametersRefs: - apiVersion: workload.nephio.org/v1alpha1 kind: NFConfig - name: du-nf-config \ No newline at end of file + name: du-nf-config diff --git a/workloads/oai/pkg-example-du-bp/interface-f1.yaml b/workloads/oai/pkg-example-du-bp/interface-f1.yaml index d748f9a..2214e4f 100644 --- a/workloads/oai/pkg-example-du-bp/interface-f1.yaml +++ b/workloads/oai/pkg-example-du-bp/interface-f1.yaml @@ -11,4 +11,4 @@ spec: networkInstance: name: vpc-cudu-f1 cniType: macvlan - attachmentType: vlan \ No newline at end of file + attachmentType: vlan diff --git a/workloads/oai/pkg-example-du-bp/network_vpc-cu-e1.yaml b/workloads/oai/pkg-example-du-bp/network_vpc-cu-e1.yaml index 45685b9..cba99c5 100644 --- a/workloads/oai/pkg-example-du-bp/network_vpc-cu-e1.yaml +++ b/workloads/oai/pkg-example-du-bp/network_vpc-cu-e1.yaml 
@@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cu-e1 - prefixes: - - prefix: 172:4::/32 - labels: - nephio.org/network-name: e1 - - prefix: 172.4.0.0/16 - labels: - nephio.org/network-name: e1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cu-e1 - bridgeDomains: - - name: vpc-cu-e1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cu-e1 + prefixes: + - prefix: 172:4::/32 + labels: + nephio.org/network-name: e1 + - prefix: 172.4.0.0/16 + labels: + nephio.org/network-name: e1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cu-e1 + bridgeDomains: + - name: vpc-cu-e1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-du-bp/network_vpc-cudu-f1.yaml b/workloads/oai/pkg-example-du-bp/network_vpc-cudu-f1.yaml index efe0936..a2815c2 100644 --- a/workloads/oai/pkg-example-du-bp/network_vpc-cudu-f1.yaml +++ b/workloads/oai/pkg-example-du-bp/network_vpc-cudu-f1.yaml 
@@ -7,22 +7,22 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-cudu-f1 - prefixes: - - prefix: 172:5::/32 - labels: - nephio.org/network-name: f1 - - prefix: 172.5.0.0/16 - labels: - nephio.org/network-name: f1 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-cudu-f1 - bridgeDomains: - - name: vpc-cudu-f1 - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan + - name: vpc-cudu-f1 + prefixes: + - prefix: 172:5::/32 + labels: + nephio.org/network-name: f1 + - prefix: 172.5.0.0/16 + labels: + nephio.org/network-name: f1 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-cudu-f1 + bridgeDomains: + - name: vpc-cudu-f1 + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-du-bp/network_vpc-internal.yaml b/workloads/oai/pkg-example-du-bp/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/oai/pkg-example-du-bp/network_vpc-internal.yaml +++ b/workloads/oai/pkg-example-du-bp/network_vpc-internal.yaml @@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan 
diff --git a/workloads/oai/pkg-example-du-bp/network_vpc-internet.yaml b/workloads/oai/pkg-example-du-bp/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/oai/pkg-example-du-bp/network_vpc-internet.yaml +++ b/workloads/oai/pkg-example-du-bp/network_vpc-internet.yaml @@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-du-bp/network_vpc-ran.yaml b/workloads/oai/pkg-example-du-bp/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/oai/pkg-example-du-bp/network_vpc-ran.yaml +++ b/workloads/oai/pkg-example-du-bp/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/oai/pkg-example-du-bp/workload-cluster.yaml b/workloads/oai/pkg-example-du-bp/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/oai/pkg-example-du-bp/workload-cluster.yaml +++ b/workloads/oai/pkg-example-du-bp/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example diff --git a/workloads/oai/pkg-example-ue-bp/oai-ue/sa.yaml b/workloads/oai/pkg-example-ue-bp/oai-ue/sa.yaml index bf8d184..be29dae 100644 --- a/workloads/oai/pkg-example-ue-bp/oai-ue/sa.yaml +++ b/workloads/oai/pkg-example-ue-bp/oai-ue/sa.yaml @@ -2,4 +2,4 @@ apiVersion: v1 kind: ServiceAccount metadata: name: oai-nr-ue-sa - namespace: oai-ue \ No newline at end of file + namespace: oai-ue 
diff --git a/workloads/oai/pkg-example-ue-bp/oai-ue/uedeployment.yaml b/workloads/oai/pkg-example-ue-bp/oai-ue/uedeployment.yaml index 4054aca..8013dc8 100644 --- a/workloads/oai/pkg-example-ue-bp/oai-ue/uedeployment.yaml +++ b/workloads/oai/pkg-example-ue-bp/oai-ue/uedeployment.yaml 
@@ -22,59 +22,59 @@ spec: runAsGroup: 0 runAsUser: 0 imagePullSecrets: - - name: regcred + - name: regcred containers: - - name: nr-ue - image: "docker.io/oaisoftwarealliance/oai-nr-ue:2023.w19" - securityContext: - privileged: true - env: - - name: TZ - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: timeZone - - name: RFSIMULATOR - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: rfSimulator - - name: FULL_IMSI - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: fullImsi - - name: FULL_KEY - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: fullKey - - name: OPC - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: opc - - name: DNN - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: dnn - - name: NSSAI_SST - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: nssaiSst - - name: NSSAI_SD - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: nssaiSd - - name: USE_ADDITIONAL_OPTIONS - valueFrom: - configMapKeyRef: - name: oai-nr-ue-configmap - key: useAdditionalOptions + - name: nr-ue + image: "docker.io/oaisoftwarealliance/oai-nr-ue:2023.w19" + securityContext: + privileged: true + env: + - name: TZ + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: timeZone + - name: RFSIMULATOR + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: rfSimulator + - name: FULL_IMSI + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: fullImsi + - name: FULL_KEY + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: fullKey + - name: OPC + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: opc + - name: DNN + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: dnn + - name: NSSAI_SST + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: nssaiSst + - name: NSSAI_SD + valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: nssaiSd + - name: USE_ADDITIONAL_OPTIONS + 
valueFrom: + configMapKeyRef: + name: oai-nr-ue-configmap + key: useAdditionalOptions dnsPolicy: ClusterFirst restartPolicy: Always serviceAccountName: oai-nr-ue-sa - terminationGracePeriodSeconds: 5 \ No newline at end of file + terminationGracePeriodSeconds: 5 diff --git a/workloads/tools/ueransim/apply-replacements-namespace.yaml b/workloads/tools/ueransim/apply-replacements-namespace.yaml index 1cdb804..f753732 100644 --- a/workloads/tools/ueransim/apply-replacements-namespace.yaml +++ b/workloads/tools/ueransim/apply-replacements-namespace.yaml @@ -5,16 +5,16 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: ConfigMap - name: kptfile.kpt.dev - fieldPath: data.name - targets: - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] - - select: - kind: IPClaim - fieldPaths: - - metadata.annotations.[specializer.nephio.org/namespace] + - source: + kind: ConfigMap + name: kptfile.kpt.dev + fieldPath: data.name + targets: + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] + - select: + kind: IPClaim + fieldPaths: + - metadata.annotations.[specializer.nephio.org/namespace] diff --git a/workloads/tools/ueransim/apply-replacements-owner.yaml b/workloads/tools/ueransim/apply-replacements-owner.yaml index cc67e69..8c794a9 100644 --- a/workloads/tools/ueransim/apply-replacements-owner.yaml +++ b/workloads/tools/ueransim/apply-replacements-owner.yaml 
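Review bot: In workloads/oai/pkg-example-ue-bp/oai-ue/uedeployment.yaml the re-indented `nr-ue` container still sets `privileged: true`, and the hunk's leading context shows `runAsUser: 0`, so the pod keeps full host-level privilege after this cleanup. The UERANSIM deployments touched by the same patch get by with `capabilities: add: ["NET_ADMIN"]`; if the OAI UE only needs to manage its own network interface (to be confirmed against the image), that narrower setting would fit here too. `FULL_KEY` and `OPC` are read through `configMapKeyRef`, and since they look like subscriber authentication material I would source them with `secretKeyRef` from a Secret, so that read access to ConfigMaps in the namespace does not expose them. The pod spec starts above the hunk, so which security context the `runAsUser: 0` line belongs to is not visible here.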
@@ -5,30 +5,30 @@ metadata: annotations: config.kubernetes.io/local-config: "true" replacements: -- source: - kind: WorkloadCluster - name: workload-cluster - fieldPath: spec.clusterName - targets: - - select: - kind: Deployment - fieldPaths: - - metadata.name - options: - delimiter: '-' - index: 1 - - select: - kind: Interface - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 - - select: - kind: IPClaim - name: amf-regional-n2-ipv4 - fieldPaths: - - metadata.annotations.[specializer.nephio.org/owner] - options: - delimiter: '-' - index: 1 + - source: + kind: WorkloadCluster + name: workload-cluster + fieldPath: spec.clusterName + targets: + - select: + kind: Deployment + fieldPaths: + - metadata.name + options: + delimiter: '-' + index: 1 + - select: + kind: Interface + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 + - select: + kind: IPClaim + name: amf-regional-n2-ipv4 + fieldPaths: + - metadata.annotations.[specializer.nephio.org/owner] + options: + delimiter: '-' + index: 1 diff --git a/workloads/tools/ueransim/gnb/gnb-deployment.yaml b/workloads/tools/ueransim/gnb/gnb-deployment.yaml index ddbb91e..4e31ea9 100644 --- a/workloads/tools/ueransim/gnb/gnb-deployment.yaml +++ b/workloads/tools/ueransim/gnb/gnb-deployment.yaml 
@@ -19,28 +19,28 @@ spec: component: gnb spec: containers: - - image: towards5gs/ueransim-gnb:v3.2.6 - imagePullPolicy: IfNotPresent - name: gnb - ports: - - name: gnb-ue - containerPort: 4997 - protocol: UDP - securityContext: - capabilities: - add: ["NET_ADMIN"] - command: ["./nr-gnb"] - args: ["-c", "/ueransim/config/gnb-config.yaml"] - volumeMounts: - - mountPath: /ueransim/config - name: gnb-volume - resources: - requests: - cpu: 250m - memory: 256Mi + - image: towards5gs/ueransim-gnb:v3.2.6 + imagePullPolicy: IfNotPresent + name: gnb + ports: + - name: gnb-ue + containerPort: 4997 + protocol: UDP + securityContext: + capabilities: + add: ["NET_ADMIN"] + command: ["./nr-gnb"] + args: ["-c", "/ueransim/config/gnb-config.yaml"] + volumeMounts: + - mountPath: /ueransim/config + name: gnb-volume + resources: + requests: + cpu: 250m + memory: 256Mi dnsPolicy: ClusterFirst restartPolicy: Always volumes: - - name: gnb-volume - configMap: - name: gnb-configmap \ No newline at end of file + - name: gnb-volume + configMap: + name: gnb-configmap diff --git a/workloads/tools/ueransim/network_vpc-internal.yaml b/workloads/tools/ueransim/network_vpc-internal.yaml index 7eab591..df54b7e 100644 --- a/workloads/tools/ueransim/network_vpc-internal.yaml +++ b/workloads/tools/ueransim/network_vpc-internal.yaml 
@@ -7,18 +7,18 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internal - prefixes: - - prefix: 172:1::/32 - - prefix: 172.1.0.0/16 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internal - bridgeDomains: - - name: vpc-internal - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internal + prefixes: + - prefix: 172:1::/32 + - prefix: 172.1.0.0/16 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internal + bridgeDomains: + - name: vpc-internal + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/tools/ueransim/network_vpc-internet.yaml b/workloads/tools/ueransim/network_vpc-internet.yaml index c4a74d9..bfc4447 100644 --- a/workloads/tools/ueransim/network_vpc-internet.yaml +++ b/workloads/tools/ueransim/network_vpc-internet.yaml 
@@ -7,24 +7,24 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-internet - prefixes: - - prefix: 172::/32 - - prefix: 172.0.0.0/16 - - prefix: 1000::/32 - labels: - nephio.org/prefix-kind: pool - - prefix: 10.0.0.0/8 - labels: - nephio.org/prefix-kind: pool - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-internet - bridgeDomains: - - name: vpc-internet - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-internet + prefixes: + - prefix: 172::/32 + - prefix: 172.0.0.0/16 + - prefix: 1000::/32 + labels: + nephio.org/prefix-kind: pool + - prefix: 10.0.0.0/8 + labels: + nephio.org/prefix-kind: pool + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-internet + bridgeDomains: + - name: vpc-internet + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/tools/ueransim/network_vpc-ran.yaml b/workloads/tools/ueransim/network_vpc-ran.yaml index f7c0bf5..fd179f9 100644 --- a/workloads/tools/ueransim/network_vpc-ran.yaml +++ b/workloads/tools/ueransim/network_vpc-ran.yaml 
@@ -7,28 +7,28 @@ metadata: spec: topology: nephio routingTables: - - name: vpc-ran - prefixes: - - prefix: 172:2::/32 - labels: - nephio.org/network-name: n2 - - prefix: 172.2.0.0/16 - labels: - nephio.org/network-name: n2 - - prefix: 172:3::/32 - labels: - nephio.org/network-name: n3 - - prefix: 172.3.0.0/16 - labels: - nephio.org/network-name: n3 - interfaces: - - kind: bridgedomain - bridgeDomainName: vpc-ran - bridgeDomains: - - name: vpc-ran - interfaces: - - kind: interface - selector: - matchExpressions: - - {key: nephio.org/cluster-name, operator: Exists} - attachmentType: vlan \ No newline at end of file + - name: vpc-ran + prefixes: + - prefix: 172:2::/32 + labels: + nephio.org/network-name: n2 + - prefix: 172.2.0.0/16 + labels: + nephio.org/network-name: n2 + - prefix: 172:3::/32 + labels: + nephio.org/network-name: n3 + - prefix: 172.3.0.0/16 + labels: + nephio.org/network-name: n3 + interfaces: + - kind: bridgedomain + bridgeDomainName: vpc-ran + bridgeDomains: + - name: vpc-ran + interfaces: + - kind: interface + selector: + matchExpressions: + - {key: nephio.org/cluster-name, operator: Exists} + attachmentType: vlan diff --git a/workloads/tools/ueransim/ue/ue-configmap.yaml b/workloads/tools/ueransim/ue/ue-configmap.yaml index adce899..3bd3aa9 100644 --- a/workloads/tools/ueransim/ue/ue-configmap.yaml +++ b/workloads/tools/ueransim/ue/ue-configmap.yaml @@ -56,7 +56,7 @@ data: integrityMaxRate: uplink: 'full' downlink: 'full' - + # List of gNB IP addresses for Radio Link Simulation gnbSearchList: - gnb-service diff --git a/workloads/tools/ueransim/ue/ue-deployment.yaml b/workloads/tools/ueransim/ue/ue-deployment.yaml index 2e8e42e..0d4fced 100644 --- a/workloads/tools/ueransim/ue/ue-deployment.yaml +++ b/workloads/tools/ueransim/ue/ue-deployment.yaml 
@@ -19,17 +19,17 @@ spec: component: ue spec: containers: - - image: towards5gs/ueransim-ue:v3.2.6 - imagePullPolicy: IfNotPresent - name: ue - securityContext: - capabilities: - add: ["NET_ADMIN"] - command: ["/ueransim/config/wrapper.sh"] - volumeMounts: - - mountPath: /ueransim/config - name: ue-volume - resources: + - image: towards5gs/ueransim-ue:v3.2.6 + imagePullPolicy: IfNotPresent + name: ue + securityContext: + capabilities: + add: ["NET_ADMIN"] + command: ["/ueransim/config/wrapper.sh"] + volumeMounts: + - mountPath: /ueransim/config + name: ue-volume + resources: requests: cpu: 120m memory: 128Mi @@ -37,12 +37,12 @@ spec: restartPolicy: Always volumes: - - name: ue-volume - configMap: - name: ue-configmap - items: - - key: ue-config.yaml - path: ue-config.yaml - - key: wrapper.sh - path: wrapper.sh - mode: 0755 + - name: ue-volume + configMap: + name: ue-configmap + items: + - key: ue-config.yaml + path: ue-config.yaml + - key: wrapper.sh + path: wrapper.sh + mode: 0755 diff --git a/workloads/tools/ueransim/workload-cluster.yaml b/workloads/tools/ueransim/workload-cluster.yaml index 10c6222..4d34271 100644 --- a/workloads/tools/ueransim/workload-cluster.yaml +++ b/workloads/tools/ueransim/workload-cluster.yaml @@ -6,4 +6,4 @@ metadata: config.kubernetes.io/local-config: "true" kpt.dev/config-injection: required spec: - clusterName: example \ No newline at end of file + clusterName: example From 81b3c68edb9dc781d1e465115c9510cf9acde60c Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Mon, 8 Apr 2024 17:21:24 -0700 Subject: [PATCH 5/6] Bump cert-manager version to 1.14.4 Signed-off-by: Victor Morales --- .../sandbox/cert-manager/cert-manager.yaml | 104 +++++++++--------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/distros/sandbox/cert-manager/cert-manager.yaml b/distros/sandbox/cert-manager/cert-manager.yaml index dce8570..4f3c891 100644 --- a/distros/sandbox/cert-manager/cert-manager.yaml 
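Review bot: In workloads/tools/ueransim/ue/ue-deployment.yaml the first hunk re-indents `resources:` along with the other container fields but leaves `requests:`, `cpu: 120m` and `memory: 128Mi` as unchanged context, so their depth relative to `resources:` has shifted by the list indent. If `requests:` was previously nested only one level below `resources:`, it now sits at the same level, which would leave the container with an empty `resources` and a stray `requests` key. The indentation is not recoverable from this page, so this needs checking against the file itself. Validating the rendered manifest against the Deployment schema before merge would confirm that the CPU and memory requests still apply.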
+++ b/distros/sandbox/cert-manager/cert-manager.yaml @@ -27,7 +27,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: cert-manager.io names: @@ -225,7 +225,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: cert-manager.io names: @@ -670,7 +670,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: acme.cert-manager.io names: @@ -1796,7 +1796,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: cert-manager.io names: @@ -3169,7 +3169,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: "cert-manager" # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: cert-manager.io names: @@ -4542,7 +4542,7 @@ metadata: app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: group: acme.cert-manager.io names: @@ -4726,7 +4726,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" --- # Source: cert-manager/templates/serviceaccount.yaml apiVersion: v1 
@@ -4740,7 +4740,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" --- # Source: cert-manager/templates/webhook-serviceaccount.yaml apiVersion: v1 @@ -4754,7 +4754,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" --- # Source: cert-manager/templates/cainjector-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 @@ -4766,7 +4766,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates"] @@ -4798,7 +4798,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] @@ -4824,7 +4824,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] @@ -4850,7 +4850,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] 
@@ -4885,7 +4885,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] @@ -4923,7 +4923,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: # Use to update challenge resource status - apiGroups: ["acme.cert-manager.io"] @@ -4983,7 +4983,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests"] @@ -5020,7 +5020,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" rules: - apiGroups: ["cert-manager.io"] @@ -5037,7 +5037,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" 
@@ -5060,7 +5060,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: @@ -5085,7 +5085,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["cert-manager.io"] resources: ["signers"] @@ -5105,7 +5105,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["certificates.k8s.io"] resources: ["certificatesigningrequests"] @@ -5131,7 +5131,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["authorization.k8s.io"] resources: ["subjectaccessreviews"] @@ -5147,7 +5147,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5167,7 +5167,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole 
@@ -5187,7 +5187,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5207,7 +5207,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5227,7 +5227,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5247,7 +5247,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5267,7 +5267,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5287,7 +5287,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole 
@@ -5307,7 +5307,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cert-manager" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5327,7 +5327,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -5350,7 +5350,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: # Used for leader election by the controller # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller @@ -5376,7 +5376,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: ["coordination.k8s.io"] resources: ["leases"] @@ -5397,7 +5397,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" rules: - apiGroups: [""] resources: ["secrets"] @@ -5422,7 +5422,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role 
@@ -5445,7 +5445,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5467,7 +5467,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -5489,7 +5489,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: type: ClusterIP ports: @@ -5513,7 +5513,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: type: ClusterIP ports: @@ -5537,7 +5537,7 @@ metadata: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: replicas: 1 selector: @@ -5552,7 +5552,7 @@ spec: app.kubernetes.io/name: cainjector app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "cainjector" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: serviceAccountName: cert-manager-cainjector enableServiceLinks: false @@ -5562,7 +5562,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-cainjector - image: "quay.io/jetstack/cert-manager-cainjector:v1.14.3" + image: "quay.io/jetstack/cert-manager-cainjector:v1.14.4" imagePullPolicy: IfNotPresent args: - --v=2 
@@ -5592,7 +5592,7 @@ metadata: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: replicas: 1 selector: @@ -5607,7 +5607,7 @@ spec: app.kubernetes.io/name: cert-manager app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "controller" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" annotations: prometheus.io/path: "/metrics" prometheus.io/scrape: 'true' @@ -5621,13 +5621,13 @@ spec: type: RuntimeDefault containers: - name: cert-manager-controller - image: "quay.io/jetstack/cert-manager-controller:v1.14.3" + image: "quay.io/jetstack/cert-manager-controller:v1.14.4" imagePullPolicy: IfNotPresent args: - --v=2 - --cluster-resource-namespace=$(POD_NAMESPACE) - --leader-election-namespace=kube-system - - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.3 + - --acme-http01-solver-image=quay.io/jetstack/cert-manager-acmesolver:v1.14.4 - --max-concurrent-challenges=60 ports: - containerPort: 9402 @@ -5674,7 +5674,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: replicas: 1 selector: @@ -5689,7 +5689,7 @@ spec: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" spec: serviceAccountName: cert-manager-webhook enableServiceLinks: false @@ -5699,7 +5699,7 @@ spec: type: RuntimeDefault containers: - name: cert-manager-webhook - image: "quay.io/jetstack/cert-manager-webhook:v1.14.3" + image: "quay.io/jetstack/cert-manager-webhook:v1.14.4" imagePullPolicy: IfNotPresent args: - --v=2 
@@ -5761,7 +5761,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: @@ -5800,7 +5800,7 @@ metadata: app.kubernetes.io/name: webhook app.kubernetes.io/instance: cert-manager app.kubernetes.io/component: "webhook" - app.kubernetes.io/version: "v1.14.3" + app.kubernetes.io/version: "v1.14.4" annotations: cert-manager.io/inject-ca-from-secret: "cert-manager/cert-manager-webhook-ca" webhooks: From b5a8cde49add12d72138ff4744179fb9b1b06773 Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Mon, 8 Apr 2024 17:24:46 -0700 Subject: [PATCH 6/6] Bump Cluster API version to 1.6.3 Signed-off-by: Victor Morales --- .../cluster-api-infrastructure-docker.yaml | 2 +- .../capi/cluster-capi/cluster-api-bootstrap.yaml | 15 ++++++++++++++- .../cluster-capi/cluster-api-control-plane.yaml | 2 +- infra/capi/cluster-capi/cluster-api-core.yaml | 2 +- 4 files changed, 17 insertions(+), 4 deletions(-) diff --git a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml index 8baabff..2e3a9d8 100644 --- a/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml +++ b/infra/capi/cluster-capi-infrastructure-docker/cluster-api-infrastructure-docker.yaml @@ -2142,7 +2142,7 @@ spec: fieldRef: fieldPath: metadata.uid - name: DOCKER_HOST - image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.2 + image: gcr.io/k8s-staging-cluster-api/capd-manager:v1.6.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml index ada4e61..650dcfb 100644 --- a/infra/capi/cluster-capi/cluster-api-bootstrap.yaml 
+++ b/infra/capi/cluster-capi/cluster-api-bootstrap.yaml @@ -4504,7 +4504,20 @@ spec: - --bootstrap-token-ttl=15m command: - /manager - image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.2 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.6.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/infra/capi/cluster-capi/cluster-api-control-plane.yaml b/infra/capi/cluster-capi/cluster-api-control-plane.yaml index 13dab99..d1c95f9 100644 --- a/infra/capi/cluster-capi/cluster-api-control-plane.yaml +++ b/infra/capi/cluster-capi/cluster-api-control-plane.yaml @@ -4525,7 +4525,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.2 + image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.6.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/infra/capi/cluster-capi/cluster-api-core.yaml b/infra/capi/cluster-capi/cluster-api-core.yaml index 8744053..adb3194 100644 --- a/infra/capi/cluster-capi/cluster-api-core.yaml +++ b/infra/capi/cluster-capi/cluster-api-core.yaml @@ -8292,7 +8292,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.uid - image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.2 + image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.3 imagePullPolicy: IfNotPresent livenessProbe: httpGet: