Include cluster-api in magnum role instead of separate role
diff --git a/atmosphere/operator/constants.py b/atmosphere/operator/constants.py
index d5c72c9..8f45dbf 100644
--- a/atmosphere/operator/constants.py
+++ b/atmosphere/operator/constants.py
@@ -17,10 +17,6 @@
"cinder_storage_init": "quay.io/vexxhost/cinder:zed",
"cinder_volume_usage_audit": "quay.io/vexxhost/cinder:zed",
"cinder_volume": "quay.io/vexxhost/cinder:zed",
- "cluster_api_controller": "registry.k8s.io/cluster-api/cluster-api-controller:v1.3.0",
- "cluster_api_kubeadm_bootstrap_controller": "registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.3.0",
- "cluster_api_kubeadm_control_plane_controller": "registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.3.0", # noqa
- "cluster_api_openstack_controller": "gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:nightly_main_20221109", # noqa
"csi_node_driver_registrar": "k8s.gcr.io/sig-storage/csi-node-driver-registrar:v2.4.0",
"csi_rbd_attacher": "k8s.gcr.io/sig-storage/csi-attacher:v3.4.0",
"csi_rbd_plugin": "quay.io/cephcsi/cephcsi:v3.5.1",
diff --git a/atmosphere/operator/controllers/cloud.py b/atmosphere/operator/controllers/cloud.py
index 9181897..5d99f11 100644
--- a/atmosphere/operator/controllers/cloud.py
+++ b/atmosphere/operator/controllers/cloud.py
@@ -23,11 +23,6 @@
flow = graph_flow.Flow("deploy")
- if spec["magnum"].get("enabled", True):
- flow.add(
- tasks.InstallClusterApiTask(),
- )
-
engine = engines.load(
flow,
store={
diff --git a/atmosphere/operator/manifests/capi-bootstrap.yml b/atmosphere/operator/manifests/capi-bootstrap.yml
deleted file mode 100644
index 27be3d1..0000000
--- a/atmosphere/operator/manifests/capi-bootstrap.yml
+++ /dev/null
@@ -1,6570 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-kubeadm-bootstrap-system
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1alpha4: v1alpha4
- cluster.x-k8s.io/v1beta1: v1beta1
- clusterctl.cluster.x-k8s.io: ""
- name: kubeadmconfigs.bootstrap.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: bootstrap.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: KubeadmConfig
- listKind: KubeadmConfigList
- plural: kubeadmconfigs
- singular: kubeadmconfig
- scope: Namespaced
- versions:
- - name: v1alpha3
- schema:
- openAPIV3Schema:
- description: KubeadmConfig is the Schema for the kubeadmconfigs API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be defined
- or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration are
- the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API server
- control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout that
- we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or look
- for all required certificates. NB: if not provided, this will
- default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address or
- DNS name for the control plane; it can be a valid IP address
- or a RFC-1123 DNS subdomain, both with optional TCP port. In
- case the ControlPlaneEndpoint is not specified, the AdvertiseAddress
- + BindPort are used; in case the ControlPlaneEndpoint is specified
- but without a TCP port, the BindPort is used. Possible usages
- are: e.g. In a cluster with more than one control plane instances,
- this field should be assigned the address of the external load
- balancer in front of the control plane instances. e.g. in environments
- with enforced node recycling, the ControlPlaneEndpoint could
- be used for assigning a stable DNS to the control plane. NB:
- This value defaults to the first value in the Cluster object
- status.apiEndpoints array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for the
- controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. if not set, the ImageRepository defined
- in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the image.
- In case this value is set, kubeadm does not change automatically
- the version of the above components during upgrades.
- type: string
- type:
- description: Type defines the DNS add-on to be used
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This value
- defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file used
- to secure etcd communication. Required if using a TLS
- connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided to
- the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to pull
- images from. If empty, `k8s.gcr.io` will be used by default;
- in case of kubernetes version is a CI build (kubernetes version
- starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and for
- kube-proxy, while `k8s.gcr.io` will be used for all the other
- images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the control
- plane. NB: This value defaults to the Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the Cluster
- object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If unset,
- the API server will not allocate CIDR ranges for every node.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.services.cidrBlocks if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12"
- if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- useHyperKubeImage:
- description: UseHyperKubeImage controls if hyperkube should be
- used for Kubernetes components instead of their respective separate
- images
- type: boolean
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems to
- setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add to the
- command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to be
- used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing file
- system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any", "none",
- and <NUM>, where NUM is the actual partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used for
- Microsoft Azure that instructs cloud-init to replace a
- file system of <FS_TYPE>. NOTE: unless you define a label,
- this requires the use of the ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions to
- setup.
- items:
- description: Partition defines how to create and layout a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If it is
- true, a single partition will be created for the entire
- device. When layout is false, it means don't partition
- or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default and
- setups a MS-DOS partition table ''gpt'': setups a GPT
- partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files in
- cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content to
- populate the file.
- properties:
- secret:
- description: Secret represents a secret that should populate
- this file.
- properties:
- key:
- description: Key is the key in the secret's data map
- for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file, e.g.
- "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where to store
- the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration are
- the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init` time
- and describes a set of Bootstrap Tokens to create. This information
- IS NOT uploaded to the kubeadm cluster configmap, partly because
- of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token, stored
- as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message why
- this token exists and what it's used for, so other administrators
- can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this token
- expires. Defaults to being set dynamically at runtime
- based on the TTL. Expires and TTL are mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that this
- token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this token
- can be used. Can by default be used for establishing bidirectional
- trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the API
- server instance that's deployed on this control plane node In
- HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to each
- individual API server. This configuration object lets you customize
- what IP/DNS name and port the local API server advertises it's
- accessible on. By default, kubeadm tries to auto-detect the
- IP of the default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for the
- API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API Server
- to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: {}` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for the
- join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate authority
- used to secure comunications between node and control-plane.
- Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when
- there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no additional
- control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when there
- is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options for
- bootstrap token based discovery BootstrapToken and File
- are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain name
- to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public key
- pins to verify when token-based discovery is used. The
- root CA found during discovery must match one of these
- values. Specifying an empty set disables root CA pinning,
- which can be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject Public
- Key Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- - unsafeSkipCAVerification
- type: object
- file:
- description: File is used to specify a file or URL to a kubeconfig
- file from which to load cluster information BootstrapToken
- and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the actual
- file path or URL to the kubeconfig file from which to
- load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: 'TLSBootstrapToken is a token used for TLS bootstrapping.
- If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
- but can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain any
- other authentication information TODO: revisit when there
- is defaulting from k/k'
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: {}` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run after
- kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run before
- kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm command
- with a shell script with retries for joins. \n This is meant to
- be an experimental temporary workaround on some environments where
- joins fail due to timing (and other issues). The long term goal
- is to add retries to kubeadm proper and use that functionality.
- \n This will add about 40KB to userdata \n For more information,
- refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for the
- user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use for
- the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user as
- inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group for the
- user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level verbosity.
- It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- status:
- description: KubeadmConfigStatus defines the observed state of KubeadmConfig.
- properties:
- bootstrapData:
- description: "BootstrapData will be a cloud-init script for now. \n
- Deprecated: Switch to DataSecretName."
- format: byte
- type: string
- conditions:
- description: Conditions defines current service state of the KubeadmConfig.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script.
- type: string
- failureMessage:
- description: FailureMessage will be set on non-retryable errors
- type: string
- failureReason:
- description: FailureReason will be set on non-retryable errors
- type: string
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready indicates the BootstrapData field is ready to be
- consumed
- type: boolean
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmConfig
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: KubeadmConfig is the Schema for the kubeadmconfigs API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be defined
- or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration are
- the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API server
- control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout that
- we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or look
- for all required certificates. NB: if not provided, this will
- default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address or
- DNS name for the control plane; it can be a valid IP address
- or a RFC-1123 DNS subdomain, both with optional TCP port. In
- case the ControlPlaneEndpoint is not specified, the AdvertiseAddress
- + BindPort are used; in case the ControlPlaneEndpoint is specified
- but without a TCP port, the BindPort is used. Possible usages
- are: e.g. In a cluster with more than one control plane instances,
- this field should be assigned the address of the external load
- balancer in front of the control plane instances. e.g. in environments
- with enforced node recycling, the ControlPlaneEndpoint could
- be used for assigning a stable DNS to the control plane. NB:
- This value defaults to the first value in the Cluster object
- status.apiEndpoints array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for the
- controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. if not set, the ImageRepository defined
- in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the image.
- In case this value is set, kubeadm does not change automatically
- the version of the above components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This value
- defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file used
- to secure etcd communication. Required if using a TLS
- connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided to
- the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to pull
- images from. If empty, `registry.k8s.io` will be used by default;
- in case of kubernetes version is a CI build (kubernetes version
- starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and for
- kube-proxy, while `registry.k8s.io` will be used for all the
- other images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the control
- plane. NB: This value defaults to the Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the Cluster
- object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If unset,
- the API server will not allocate CIDR ranges for every node.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.services.cidrBlocks if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12"
- if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems to
- setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add to the
- command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to be
- used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing file
- system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any", "none",
- and <NUM>, where NUM is the actual partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used for
- Microsoft Azure that instructs cloud-init to replace a
- file system of <FS_TYPE>. NOTE: unless you define a label,
- this requires the use of the ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions to
- setup.
- items:
- description: Partition defines how to create and layout a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If it is
- true, a single partition will be created for the entire
- device. When layout is false, it means don't partition
- or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default and
- setups a MS-DOS partition table ''gpt'': setups a GPT
- partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files in
- cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content to
- populate the file.
- properties:
- secret:
- description: Secret represents a secret that should populate
- this file.
- properties:
- key:
- description: Key is the key in the secret's data map
- for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file, e.g.
- "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where to store
- the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration are
- the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init` time
- and describes a set of Bootstrap Tokens to create. This information
- IS NOT uploaded to the kubeadm cluster configmap, partly because
- of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token, stored
- as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message why
- this token exists and what it's used for, so other administrators
- can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this token
- expires. Defaults to being set dynamically at runtime
- based on the TTL. Expires and TTL are mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that this
- token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this token
- can be used. Can by default be used for establishing bidirectional
- trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the API
- server instance that's deployed on this control plane node In
- HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to each
- individual API server. This configuration object lets you customize
- what IP/DNS name and port the local API server advertises it's
- accessible on. By default, kubeadm tries to auto-detect the
- IP of the default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for the
- API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API Server
- to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of pre-flight
- errors to be ignored when the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: {}` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for the
- join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate authority
- used to secure comunications between node and control-plane.
- Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when
- there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no additional
- control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when there
- is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options for
- bootstrap token based discovery BootstrapToken and File
- are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain name
- to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public key
- pins to verify when token-based discovery is used. The
- root CA found during discovery must match one of these
- values. Specifying an empty set disables root CA pinning,
- which can be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject Public
- Key Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL to a kubeconfig
- file from which to load cluster information BootstrapToken
- and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the actual
- file path or URL to the kubeconfig file from which to
- load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for TLS bootstrapping.
- If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
- but can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain any
- other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of pre-flight
- errors to be ignored when the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: {}` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run after
- kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run before
- kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm command
- with a shell script with retries for joins. \n This is meant to
- be an experimental temporary workaround on some environments where
- joins fail due to timing (and other issues). The long term goal
- is to add retries to kubeadm proper and use that functionality.
- \n This will add about 40KB to userdata \n For more information,
- refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for the
- user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use for
- the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user as
- inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group for the
- user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level verbosity.
- It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- status:
- description: KubeadmConfigStatus defines the observed state of KubeadmConfig.
- properties:
- conditions:
- description: Conditions defines current service state of the KubeadmConfig.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script.
- type: string
- failureMessage:
- description: FailureMessage will be set on non-retryable errors
- type: string
- failureReason:
- description: FailureReason will be set on non-retryable errors
- type: string
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready indicates the BootstrapData field is ready to be
- consumed
- type: boolean
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name']
- name: Cluster
- type: string
- - description: Time duration since creation of KubeadmConfig
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: KubeadmConfig is the Schema for the kubeadmconfigs API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be defined
- or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration are
- the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API server
- control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout that
- we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or look
- for all required certificates. NB: if not provided, this will
- default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address or
- DNS name for the control plane; it can be a valid IP address
- or a RFC-1123 DNS subdomain, both with optional TCP port. In
- case the ControlPlaneEndpoint is not specified, the AdvertiseAddress
- + BindPort are used; in case the ControlPlaneEndpoint is specified
- but without a TCP port, the BindPort is used. Possible usages
- are: e.g. In a cluster with more than one control plane instances,
- this field should be assigned the address of the external load
- balancer in front of the control plane instances. e.g. in environments
- with enforced node recycling, the ControlPlaneEndpoint could
- be used for assigning a stable DNS to the control plane. NB:
- This value defaults to the first value in the Cluster object
- status.apiEndpoints array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for the
- controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. if not set, the ImageRepository defined
- in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the image.
- In case this value is set, kubeadm does not change automatically
- the version of the above components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This value
- defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file used
- to secure etcd communication. Required if using a TLS
- connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided to
- the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to pull
- images from. If empty, `registry.k8s.io` will be used by default;
- in case of kubernetes version is a CI build (kubernetes version
- starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and for
- kube-proxy, while `registry.k8s.io` will be used for all the
- other images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the control
- plane. NB: This value defaults to the Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the Cluster
- object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If unset,
- the API server will not allocate CIDR ranges for every node.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.services.cidrBlocks if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster object's
- spec.clusterNetwork.pods.cidrBlocks, or to "10.96.0.0/12"
- if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass to
- the control plane component. TODO: This is temporary and
- ideally we would like to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that will
- be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod where
- hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems to
- setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add to the
- command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to be
- used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing file
- system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any", "none",
- and <NUM>, where NUM is the actual partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used for
- Microsoft Azure that instructs cloud-init to replace a
- file system of <FS_TYPE>. NOTE: unless you define a label,
- this requires the use of the ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions to
- setup.
- items:
- description: Partition defines how to create and layout a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If it is
- true, a single partition will be created for the entire
- device. When layout is false, it means don't partition
- or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default and
- setups a MS-DOS partition table ''gpt'': setups a GPT
- partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files in
- cloud-init.
- properties:
- append:
- description: Append specifies whether to append Content to existing
- file if Path exists.
- type: boolean
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content to
- populate the file.
- properties:
- secret:
- description: Secret represents a secret that should populate
- this file.
- properties:
- key:
- description: Key is the key in the secret's data map
- for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file, e.g.
- "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where to store
- the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap data
- enum:
- - cloud-config
- - ignition
- type: string
- ignition:
- description: Ignition contains Ignition specific configuration.
- properties:
- containerLinuxConfig:
- description: ContainerLinuxConfig contains CLC specific configuration.
- properties:
- additionalConfig:
- description: "AdditionalConfig contains additional configuration
- to be merged with the Ignition configuration generated by
- the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
- \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
- type: string
- strict:
- description: Strict controls if AdditionalConfig should be
- strictly parsed. If so, warnings are treated as errors.
- type: boolean
- type: object
- type: object
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration are
- the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init` time
- and describes a set of Bootstrap Tokens to create. This information
- IS NOT uploaded to the kubeadm cluster configmap, partly because
- of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token, stored
- as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message why
- this token exists and what it's used for, so other administrators
- can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this token
- expires. Defaults to being set dynamically at runtime
- based on the TTL. Expires and TTL are mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that this
- token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this token
- can be used. Can by default be used for establishing bidirectional
- trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the API
- server instance that's deployed on this control plane node In
- HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to each
- individual API server. This configuration object lets you customize
- what IP/DNS name and port the local API server advertises it's
- accessible on. By default, kubeadm tries to auto-detect the
- IP of the default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for the
- API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API Server
- to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of pre-flight
- errors to be ignored when the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: []` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying patches
- to components deployed by kubeadm during "kubeadm init". The
- minimum kubernetes version needed to support Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that contains
- files named "target[suffix][+patchtype].extension". For
- example, "kube-apiserver0+merge.yaml" or just "etcd.json".
- "target" can be one of "kube-apiserver", "kube-controller-manager",
- "kube-scheduler", "etcd". "patchtype" can be one of "strategic"
- "merge" or "json" and they match the patch formats supported
- by kubectl. The default "patchtype" is "strategic". "extension"
- must be either "json" or "yaml". "suffix" is an optional
- string that can be used to determine which patches are applied
- first alpha-numerically. These files can be written into
- the target directory via KubeadmConfig.Files which specifies
- additional files to be created on the machine, either with
- content inline or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during command
- execution. The list of phases can be obtained with the "kubeadm
- init --help" command. This option takes effect only on Kubernetes
- >=1.22.0.
- items:
- type: string
- type: array
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for the
- join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate authority
- used to secure comunications between node and control-plane.
- Defaults to "/etc/kubernetes/pki/ca.crt". TODO: revisit when
- there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no additional
- control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when there
- is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options for
- bootstrap token based discovery BootstrapToken and File
- are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain name
- to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public key
- pins to verify when token-based discovery is used. The
- root CA found during discovery must match one of these
- values. Specifying an empty set disables root CA pinning,
- which can be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject Public
- Key Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL to a kubeconfig
- file from which to load cluster information BootstrapToken
- and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the actual
- file path or URL to the kubeconfig file from which to
- load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for TLS bootstrapping.
- If .BootstrapToken is set, this field is defaulted to .BootstrapToken.Token,
- but can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain any
- other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST resource
- this object represents. Servers may infer this from the endpoint
- the client submits requests to. Cannot be updated. In CamelCase.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to registering
- the new control-plane node to the cluster. When used in the
- context of control plane nodes, NodeRegistration should remain
- consistent across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node API
- object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of pre-flight
- errors to be ignored when the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the kubelet
- command line via the environment file kubeadm writes at
- runtime for the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X ConfigMap
- Flags have higher priority when parsing. These values are
- local and specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the Node
- API object that will be created in this `kubeadm init` or
- `kubeadm join` operation. This field is also used in the
- CommonName field of the kubelet's client certificate to
- the API server. Defaults to the hostname of the node if
- not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API object
- should be registered with. If this field is unset, i.e.
- nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}. If
- you don''t want to taint your control-plane node, set this
- field to an empty slice, i.e. `taints: []` in the YAML file.
- This field is solely used for Node registration.'
- items:
- description: The node this Taint is attached to has the
- "effect" on any pod that does not tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the taint on pods
- that do not tolerate the taint. Valid effects are
- NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied to
- a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the taint
- key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying patches
- to components deployed by kubeadm during "kubeadm join". The
- minimum kubernetes version needed to support Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that contains
- files named "target[suffix][+patchtype].extension". For
- example, "kube-apiserver0+merge.yaml" or just "etcd.json".
- "target" can be one of "kube-apiserver", "kube-controller-manager",
- "kube-scheduler", "etcd". "patchtype" can be one of "strategic"
- "merge" or "json" and they match the patch formats supported
- by kubectl. The default "patchtype" is "strategic". "extension"
- must be either "json" or "yaml". "suffix" is an optional
- string that can be used to determine which patches are applied
- first alpha-numerically. These files can be written into
- the target directory via KubeadmConfig.Files which specifies
- additional files to be created on the machine, either with
- content inline or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during command
- execution. The list of phases can be obtained with the "kubeadm
- init --help" command. This option takes effect only on Kubernetes
- >=1.22.0.
- items:
- type: string
- type: array
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run after
- kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run before
- kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm command
- with a shell script with retries for joins. \n This is meant to
- be an experimental temporary workaround on some environments where
- joins fail due to timing (and other issues). The long term goal
- is to add retries to kubeadm proper and use that functionality.
- \n This will add about 40KB to userdata \n For more information,
- refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
- \n Deprecated: This experimental fix is no longer needed and this
- field will be removed in a future release. When removing also remove
- from staticcheck exclude-rules for SA1019 in golangci.yml"
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for the
- user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use for
- the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user as
- inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the user
- type: string
- passwdFrom:
- description: PasswdFrom is a referenced source of passwd to
- populate the passwd.
- properties:
- secret:
- description: Secret represents a secret that should populate
- this password.
- properties:
- key:
- description: Key is the key in the secret's data map
- for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- primaryGroup:
- description: PrimaryGroup specifies the primary group for the
- user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level verbosity.
- It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- status:
- description: KubeadmConfigStatus defines the observed state of KubeadmConfig.
- properties:
- conditions:
- description: Conditions defines current service state of the KubeadmConfig.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script.
- type: string
- failureMessage:
- description: FailureMessage will be set on non-retryable errors
- type: string
- failureReason:
- description: FailureReason will be set on non-retryable errors
- type: string
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready indicates the BootstrapData field is ready to be
- consumed
- type: boolean
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1alpha4: v1alpha4
- cluster.x-k8s.io/v1beta1: v1beta1
- clusterctl.cluster.x-k8s.io: ""
- name: kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: bootstrap.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: KubeadmConfigTemplate
- listKind: KubeadmConfigTemplateList
- plural: kubeadmconfigtemplates
- singular: kubeadmconfigtemplate
- scope: Namespaced
- versions:
- - name: v1alpha3
- schema:
- openAPIV3Schema:
- description: KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate.
- properties:
- template:
- description: KubeadmConfigTemplateResource defines the Template structure.
- properties:
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be
- defined or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the
- API server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative
- Names for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store
- or look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid
- IP address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the
- ControlPlaneEndpoint is specified but without a TCP
- port, the BindPort is used. Possible usages are: e.g.
- In a cluster with more than one control plane instances,
- this field should be assigned the address of the external
- load balancer in front of the control plane instances.
- e.g. in environments with enforced node recycling,
- the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings
- for the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on
- installed in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- type:
- description: Type defines the DNS add-on to be used
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to
- an external etcd cluster Local and External are
- mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required
- for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to
- secure etcd communication. Required if using
- a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for
- configuring the local etcd instance Local and External
- are mutually exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will
- place its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static
- pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set, the
- ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag
- for the image. In case this value is set, kubeadm
- does not change automatically the version of
- the above components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject
- Alternative Names for the etcd server signing
- cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. If empty, `k8s.gcr.io` will be
- used by default; in case of kubernetes version is a
- CI build (kubernetes version starts with `ci/` or `ci-cross/`)
- `gcr.io/k8s-staging-ci-images` will be used as a default
- for control plane components and for kube-proxy, while
- `k8s.gcr.io` will be used for all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version
- of the control plane. NB: This value defaults to the
- Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to
- the Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s
- services. Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods.
- If unset, the API server will not allocate CIDR
- ranges for every node. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s
- services. Defaults to a comma-delimited string of
- the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
- or to "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the
- scheduler control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- useHyperKubeImage:
- description: UseHyperKubeImage controls if hyperkube should
- be used for Kubernetes components instead of their respective
- separate images
- type: boolean
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation
- of partition tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to
- be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to
- add to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system
- type.
- type: string
- label:
- description: Label specifies the file system label
- to be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to
- overwrite any existing filesystem. If true, any
- pre-existing file system will be destroyed. Use
- with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition
- to use. The valid options are: "auto|any", "auto",
- "any", "none", and <NUM>, where NUM is the actual
- partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive,
- used for Microsoft Azure that instructs cloud-init
- to replace a file system of <FS_TYPE>. NOTE: unless
- you define a label, this requires the use of the
- ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout.
- If it is true, a single partition will be created
- for the entire device. When layout is false, it
- means don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip
- checks and create the partition if a partition
- or filesystem is found on the device. Use with
- caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the
- file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to
- assign to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm
- init` time and describes a set of Bootstrap Tokens to
- create. This information IS NOT uploaded to the kubeadm
- cluster configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap
- token, stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for,
- so other administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when
- this token expires. Defaults to being set dynamically
- at runtime based on the TTL. Expires and TTL are
- mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for
- authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for
- joining nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this
- token. Defaults to 24h. Expires and TTL are mutually
- exclusive.
- type: string
- usages:
- description: Usages describes the ways in which
- this token can be used. Can by default be used
- for establishing bidirectional trust, but that
- can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance that's deployed on this control
- plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global
- endpoint for the cluster, which then loadbalances the
- requests to each individual API server. This configuration
- object lets you customize what IP/DNS name and port
- the local API server advertises it's accessible on.
- By default, kubeadm tries to auto-detect the IP of the
- default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- {}` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration
- for the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node
- and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control
- plane instance to be deployed on the joining node. If
- nil, no additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this
- node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for
- the API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the
- kubelet to use during the TLS Bootstrap process TODO:
- revisit when there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken
- and File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will
- be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of
- public key pins to verify when token-based discovery
- is used. The root CA found during discovery
- must match one of these values. Specifying an
- empty set disables root CA pinning, which can
- be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject
- Public Key Info (SPKI) object in DER-encoded
- ASN.1. These hashes can be calculated using,
- for example, OpenSSL: openssl x509 -pubkey -in
- ca.crt openssl rsa -pubin -outform der 2>&/dev/null
- | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate
- cluster information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since
- other nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- - unsafeSkipCAVerification
- type: object
- file:
- description: File is used to specify a file or URL
- to a kubeconfig file from which to load cluster
- information BootstrapToken and File are mutually
- exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify
- the actual file path or URL to the kubeconfig
- file from which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: 'TLSBootstrapToken is a token used for
- TLS bootstrapping. If .BootstrapToken is set, this
- field is defaulted to .BootstrapToken.Token, but
- can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain
- any other authentication information TODO: revisit
- when there is defaulting from k/k'
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- {}` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be
- setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands
- to run after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to
- run before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and
- use that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user
- in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the
- user
- type: string
- groups:
- description: Groups specifies the additional groups
- for the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to
- use for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the
- user as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login
- should be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for
- the user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group
- for the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh
- authorized keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmConfigTemplate
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate.
- properties:
- template:
- description: KubeadmConfigTemplateResource defines the Template structure.
- properties:
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be
- defined or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the
- API server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative
- Names for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store
- or look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid
- IP address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the
- ControlPlaneEndpoint is specified but without a TCP
- port, the BindPort is used. Possible usages are: e.g.
- In a cluster with more than one control plane instances,
- this field should be assigned the address of the external
- load balancer in front of the control plane instances.
- e.g. in environments with enforced node recycling,
- the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings
- for the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on
- installed in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to
- an external etcd cluster Local and External are
- mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required
- for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to
- secure etcd communication. Required if using
- a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for
- configuring the local etcd instance Local and External
- are mutually exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will
- place its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static
- pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set, the
- ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag
- for the image. In case this value is set, kubeadm
- does not change automatically the version of
- the above components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject
- Alternative Names for the etcd server signing
- cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. If empty, `registry.k8s.io` will
- be used by default; in case of kubernetes version is
- a CI build (kubernetes version starts with `ci/` or
- `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be
- used as a default for control plane components and for
- kube-proxy, while `registry.k8s.io` will be used for
- all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version
- of the control plane. NB: This value defaults to the
- Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to
- the Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s
- services. Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods.
- If unset, the API server will not allocate CIDR
- ranges for every node. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s
- services. Defaults to a comma-delimited string of
- the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
- or to "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the
- scheduler control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation
- of partition tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to
- be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to
- add to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system
- type.
- type: string
- label:
- description: Label specifies the file system label
- to be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to
- overwrite any existing filesystem. If true, any
- pre-existing file system will be destroyed. Use
- with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition
- to use. The valid options are: "auto|any", "auto",
- "any", "none", and <NUM>, where NUM is the actual
- partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive,
- used for Microsoft Azure that instructs cloud-init
- to replace a file system of <FS_TYPE>. NOTE: unless
- you define a label, this requires the use of the
- ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout.
- If it is true, a single partition will be created
- for the entire device. When layout is false, it
- means don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip
- checks and create the partition if a partition
- or filesystem is found on the device. Use with
- caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the
- file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to
- assign to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm
- init` time and describes a set of Bootstrap Tokens to
- create. This information IS NOT uploaded to the kubeadm
- cluster configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap
- token, stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for,
- so other administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when
- this token expires. Defaults to being set dynamically
- at runtime based on the TTL. Expires and TTL are
- mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for
- authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for
- joining nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this
- token. Defaults to 24h. Expires and TTL are mutually
- exclusive.
- type: string
- usages:
- description: Usages describes the ways in which
- this token can be used. Can by default be used
- for establishing bidirectional trust, but that
- can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance that's deployed on this control
- plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global
- endpoint for the cluster, which then loadbalances the
- requests to each individual API server. This configuration
- object lets you customize what IP/DNS name and port
- the local API server advertises it's accessible on.
- By default, kubeadm tries to auto-detect the IP of the
- default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice
- of pre-flight errors to be ignored when the current
- node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- {}` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration
- for the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node
- and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control
- plane instance to be deployed on the joining node. If
- nil, no additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this
- node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for
- the API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the
- kubelet to use during the TLS Bootstrap process TODO:
- revisit when there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken
- and File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will
- be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of
- public key pins to verify when token-based discovery
- is used. The root CA found during discovery
- must match one of these values. Specifying an
- empty set disables root CA pinning, which can
- be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject
- Public Key Info (SPKI) object in DER-encoded
- ASN.1. These hashes can be calculated using,
- for example, OpenSSL: openssl x509 -pubkey -in
- ca.crt openssl rsa -pubin -outform der 2>&/dev/null
- | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate
- cluster information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since
- other nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL
- to a kubeconfig file from which to load cluster
- information BootstrapToken and File are mutually
- exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify
- the actual file path or URL to the kubeconfig
- file from which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for
- TLS bootstrapping. If .BootstrapToken is set, this
- field is defaulted to .BootstrapToken.Token, but
- can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain
- any other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice
- of pre-flight errors to be ignored when the current
- node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- {}` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be
- setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands
- to run after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to
- run before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and
- use that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user
- in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the
- user
- type: string
- groups:
- description: Groups specifies the additional groups
- for the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to
- use for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the
- user as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login
- should be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for
- the user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group
- for the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh
- authorized keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- subresources: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmConfigTemplate
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: KubeadmConfigTemplate is the Schema for the kubeadmconfigtemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmConfigTemplateSpec defines the desired state of KubeadmConfigTemplate.
- properties:
- template:
- description: KubeadmConfigTemplateResource defines the Template structure.
- properties:
- spec:
- description: KubeadmConfigSpec defines the desired state of KubeadmConfig.
- Either ClusterConfiguration and InitConfiguration should be
- defined or the JoinConfiguration should be defined.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the
- API server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative
- Names for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store
- or look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid
- IP address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the
- ControlPlaneEndpoint is specified but without a TCP
- port, the BindPort is used. Possible usages are: e.g.
- In a cluster with more than one control plane instances,
- this field should be assigned the address of the external
- load balancer in front of the control plane instances.
- e.g. in environments with enforced node recycling,
- the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings
- for the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on
- installed in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to
- an external etcd cluster Local and External are
- mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required
- for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to
- secure etcd communication. Required if using
- a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for
- configuring the local etcd instance Local and External
- are mutually exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will
- place its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static
- pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set, the
- ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag
- for the image. In case this value is set, kubeadm
- does not change automatically the version of
- the above components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject
- Alternative Names for the etcd server signing
- cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. If empty, `registry.k8s.io` will
- be used by default; in case of kubernetes version is
- a CI build (kubernetes version starts with `ci/` or
- `ci-cross/`) `gcr.io/k8s-staging-ci-images` will be
- used as a default for control plane components and for
- kube-proxy, while `registry.k8s.io` will be used for
- all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version
- of the control plane. NB: This value defaults to the
- Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to
- the Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s
- services. Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods.
- If unset, the API server will not allocate CIDR
- ranges for every node. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s
- services. Defaults to a comma-delimited string of
- the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
- or to "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the
- scheduler control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to
- pass to the control plane component. TODO: This
- is temporary and ideally we would like to switch
- all components to use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host
- that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the
- pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod
- template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation
- of partition tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to
- be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to
- add to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system
- type.
- type: string
- label:
- description: Label specifies the file system label
- to be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to
- overwrite any existing filesystem. If true, any
- pre-existing file system will be destroyed. Use
- with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition
- to use. The valid options are: "auto|any", "auto",
- "any", "none", and <NUM>, where NUM is the actual
- partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive,
- used for Microsoft Azure that instructs cloud-init
- to replace a file system of <FS_TYPE>. NOTE: unless
- you define a label, this requires the use of the
- ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout.
- If it is true, a single partition will be created
- for the entire device. When layout is false, it
- means don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip
- checks and create the partition if a partition
- or filesystem is found on the device. Use with
- caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- append:
- description: Append specifies whether to append Content
- to existing file if Path exists.
- type: boolean
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the
- file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to
- assign to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- - ignition
- type: string
- ignition:
- description: Ignition contains Ignition specific configuration.
- properties:
- containerLinuxConfig:
- description: ContainerLinuxConfig contains CLC specific
- configuration.
- properties:
- additionalConfig:
- description: "AdditionalConfig contains additional
- configuration to be merged with the Ignition configuration
- generated by the bootstrapper controller. More info:
- https://coreos.github.io/ignition/operator-notes/#config-merging
- \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
- type: string
- strict:
- description: Strict controls if AdditionalConfig should
- be strictly parsed. If so, warnings are treated
- as errors.
- type: boolean
- type: object
- type: object
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm
- init` time and describes a set of Bootstrap Tokens to
- create. This information IS NOT uploaded to the kubeadm
- cluster configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap
- token, stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for,
- so other administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when
- this token expires. Defaults to being set dynamically
- at runtime based on the TTL. Expires and TTL are
- mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for
- authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for
- joining nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this
- token. Defaults to 24h. Expires and TTL are mutually
- exclusive.
- type: string
- usages:
- description: Usages describes the ways in which
- this token can be used. Can by default be used
- for establishing bidirectional trust, but that
- can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance that's deployed on this control
- plane node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global
- endpoint for the cluster, which then loadbalances the
- requests to each individual API server. This configuration
- object lets you customize what IP/DNS name and port
- the local API server advertises it's accessible on.
- By default, kubeadm tries to auto-detect the IP of the
- default interface and use that, but in case that process
- fails you may set the desired value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice
- of pre-flight errors to be ignored when the current
- node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- []` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during "kubeadm
- init". The minimum kubernetes version needed to support
- Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that
- contains files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or just
- "etcd.json". "target" can be one of "kube-apiserver",
- "kube-controller-manager", "kube-scheduler", "etcd".
- "patchtype" can be one of "strategic" "merge" or
- "json" and they match the patch formats supported
- by kubectl. The default "patchtype" is "strategic".
- "extension" must be either "json" or "yaml". "suffix"
- is an optional string that can be used to determine
- which patches are applied first alpha-numerically.
- These files can be written into the target directory
- via KubeadmConfig.Files which specifies additional
- files to be created on the machine, either with
- content inline or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during
- command execution. The list of phases can be obtained
- with the "kubeadm init --help" command. This option
- takes effect only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration
- for the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal value,
- and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node
- and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control
- plane instance to be deployed on the joining node. If
- nil, no additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this
- node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for
- the API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the
- kubelet to use during the TLS Bootstrap process TODO:
- revisit when there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken
- and File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will
- be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of
- public key pins to verify when token-based discovery
- is used. The root CA found during discovery
- must match one of these values. Specifying an
- empty set disables root CA pinning, which can
- be unsafe. Each hash is specified as "<type>:<value>",
- where the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the Subject
- Public Key Info (SPKI) object in DER-encoded
- ASN.1. These hashes can be calculated using,
- for example, OpenSSL: openssl x509 -pubkey -in
- ca.crt openssl rsa -pubin -outform der 2>&/dev/null
- | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate
- cluster information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since
- other nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL
- to a kubeconfig file from which to load cluster
- information BootstrapToken and File are mutually
- exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify
- the actual file path or URL to the kubeconfig
- file from which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for
- TLS bootstrapping. If .BootstrapToken is set, this
- field is defaulted to .BootstrapToken.Token, but
- can be overridden. If .File is set, this field **must
- be set** in case the KubeConfigFile does not contain
- any other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the
- REST resource this object represents. Servers may infer
- this from the endpoint the client submits requests to.
- Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the cluster.
- When used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration
- and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice
- of pre-flight errors to be ignored when the current
- node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here are
- passed to the kubelet command line via the environment
- file kubeadm writes at runtime for the kubelet to
- source. This overrides the generic base-level configuration
- in the kubelet-config-1.X ConfigMap Flags have higher
- priority when parsing. These values are local and
- specific to the node kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of
- the Node API object that will be created in this
- `kubeadm init` or `kubeadm join` operation. This
- field is also used in the CommonName field of the
- kubelet's client certificate to the API server.
- Defaults to the hostname of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node
- API object should be registered with. If this field
- is unset, i.e. nil, in the `kubeadm init` process
- it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints:
- []` in the YAML file. This field is solely used
- for Node registration.'
- items:
- description: The node this Taint is attached to
- has the "effect" on any pod that does not tolerate
- the Taint.
- properties:
- effect:
- description: Required. The effect of the taint
- on pods that do not tolerate the taint. Valid
- effects are NoSchedule, PreferNoSchedule and
- NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at
- which the taint was added. It is only written
- for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to
- the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during "kubeadm
- join". The minimum kubernetes version needed to support
- Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that
- contains files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or just
- "etcd.json". "target" can be one of "kube-apiserver",
- "kube-controller-manager", "kube-scheduler", "etcd".
- "patchtype" can be one of "strategic" "merge" or
- "json" and they match the patch formats supported
- by kubectl. The default "patchtype" is "strategic".
- "extension" must be either "json" or "yaml". "suffix"
- is an optional string that can be used to determine
- which patches are applied first alpha-numerically.
- These files can be written into the target directory
- via KubeadmConfig.Files which specifies additional
- files to be created on the machine, either with
- content inline or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during
- command execution. The list of phases can be obtained
- with the "kubeadm init --help" command. This option
- takes effect only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be
- setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands
- to run after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to
- run before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and
- use that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
- \n Deprecated: This experimental fix is no longer needed
- and this field will be removed in a future release. When
- removing also remove from staticcheck exclude-rules for
- SA1019 in golangci.yml"
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user
- in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the
- user
- type: string
- groups:
- description: Groups specifies the additional groups
- for the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to
- use for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the
- user as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login
- should be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for
- the user
- type: string
- passwdFrom:
- description: PasswdFrom is a referenced source of passwd
- to populate the passwd.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this password.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- primaryGroup:
- description: PrimaryGroup specifies the primary group
- for the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh
- authorized keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-manager
- namespace: capi-kubeadm-bootstrap-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-leader-election-role
- namespace: capi-kubeadm-bootstrap-system
-rules:
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-system-capi-kubeadm-bootstrap-manager-role
-rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- - events
- - secrets
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - bootstrap.cluster.x-k8s.io
- resources:
- - kubeadmconfigs
- - kubeadmconfigs/finalizers
- - kubeadmconfigs/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- - clusters/status
- - machinepools
- - machinepools/status
- - machines
- - machines/status
- - machinesets
- verbs:
- - get
- - list
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-leader-election-rolebinding
- namespace: capi-kubeadm-bootstrap-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: capi-kubeadm-bootstrap-leader-election-role
-subjects:
-- kind: ServiceAccount
- name: capi-kubeadm-bootstrap-manager
- namespace: capi-kubeadm-bootstrap-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-system-capi-kubeadm-bootstrap-manager-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: capi-kubeadm-bootstrap-system-capi-kubeadm-bootstrap-manager-role
-subjects:
-- kind: ServiceAccount
- name: capi-kubeadm-bootstrap-manager
- namespace: capi-kubeadm-bootstrap-system
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
-spec:
- ports:
- - port: 443
- targetPort: webhook-server
- selector:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-kubeadm-bootstrap-controller-manager
- namespace: capi-kubeadm-bootstrap-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- control-plane: controller-manager
- strategy: {}
- template:
- metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- control-plane: controller-manager
- spec:
- containers:
- - args:
- - --leader-elect
- - --metrics-bind-addr=localhost:8080
- - --feature-gates=MachinePool=false,KubeadmBootstrapFormatIgnition=false
- - --bootstrap-token-ttl=15m
- command:
- - /manager
- image: registry.k8s.io/cluster-api/kubeadm-bootstrap-controller:v1.3.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9443
- name: webhook-server
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources: {}
- volumeMounts:
- - mountPath: /tmp/k8s-webhook-server/serving-certs
- name: cert
- readOnly: true
- serviceAccountName: capi-kubeadm-bootstrap-manager
- terminationGracePeriodSeconds: 10
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
- - effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
- volumes:
- - name: cert
- secret:
- secretName: capi-kubeadm-bootstrap-webhook-service-cert
-status: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-serving-cert
- namespace: capi-kubeadm-bootstrap-system
-spec:
- dnsNames:
- - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc
- - capi-kubeadm-bootstrap-webhook-service.capi-kubeadm-bootstrap-system.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: capi-kubeadm-bootstrap-selfsigned-issuer
- secretName: capi-kubeadm-bootstrap-webhook-service-cert
- subject:
- organizations:
- - k8s-sig-cluster-lifecycle
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-selfsigned-issuer
- namespace: capi-kubeadm-bootstrap-system
-spec:
- selfSigned: {}
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-mutating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig
- failurePolicy: Fail
- name: default.kubeadmconfig.bootstrap.cluster.x-k8s.io
- rules:
- - apiGroups:
- - bootstrap.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmconfigs
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /mutate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate
- failurePolicy: Fail
- name: default.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io
- rules:
- - apiGroups:
- - bootstrap.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmconfigtemplates
- sideEffects: None
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-bootstrap-system/capi-kubeadm-bootstrap-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: bootstrap-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-bootstrap-validating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfig
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.kubeadmconfig.bootstrap.cluster.x-k8s.io
- rules:
- - apiGroups:
- - bootstrap.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmconfigs
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-bootstrap-webhook-service
- namespace: capi-kubeadm-bootstrap-system
- path: /validate-bootstrap-cluster-x-k8s-io-v1beta1-kubeadmconfigtemplate
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io
- rules:
- - apiGroups:
- - bootstrap.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmconfigtemplates
- sideEffects: None
diff --git a/atmosphere/operator/manifests/capi-control-plane.yml b/atmosphere/operator/manifests/capi-control-plane.yml
deleted file mode 100644
index 624401d..0000000
--- a/atmosphere/operator/manifests/capi-control-plane.yml
+++ /dev/null
@@ -1,6645 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-kubeadm-control-plane-system
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1alpha4: v1alpha4
- cluster.x-k8s.io/v1beta1: v1beta1
- clusterctl.cluster.x-k8s.io: ""
- name: kubeadmcontrolplanes.controlplane.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: controlplane.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: KubeadmControlPlane
- listKind: KubeadmControlPlaneList
- plural: kubeadmcontrolplanes
- shortNames:
- - kcp
- singular: kubeadmcontrolplane
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: This denotes whether or not the control plane has the uploaded
- kubeadm-config configmap
- jsonPath: .status.initialized
- name: Initialized
- type: boolean
- - description: KubeadmControlPlane API Server is ready to receive requests
- jsonPath: .status.ready
- name: API Server Available
- type: boolean
- - description: Kubernetes version associated with this control plane
- jsonPath: .spec.version
- name: Version
- type: string
- - description: Total number of non-terminated machines targeted by this control
- plane
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of fully running and ready control plane machines
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this control
- plane that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this control plane
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: KubeadmControlPlane is the Schema for the KubeadmControlPlane
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
- properties:
- infrastructureTemplate:
- description: InfrastructureTemplate is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- kubeadmConfigSpec:
- description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing
- and joining machines to the control plane.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API
- server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or
- look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid IP
- address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint
- is specified but without a TCP port, the BindPort is used.
- Possible usages are: e.g. In a cluster with more than one
- control plane instances, this field should be assigned the
- address of the external load balancer in front of the control
- plane instances. e.g. in environments with enforced node
- recycling, the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for
- the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- type:
- description: Type defines the DNS add-on to be used
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for
- ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. If empty, `k8s.gcr.io` will be used by
- default; in case of kubernetes version is a CI build (kubernetes
- version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and
- for kube-proxy, while `k8s.gcr.io` will be used for all
- the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the
- control plane. NB: This value defaults to the Machine object
- spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the
- Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If
- unset, the API server will not allocate CIDR ranges
- for every node. Defaults to a comma-delimited string
- of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster
- object's spec.clusterNetwork.pods.cidrBlocks, or to
- "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- useHyperKubeImage:
- description: UseHyperKubeImage controls if hyperkube should
- be used for Kubernetes components instead of their respective
- separate images
- type: boolean
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add
- to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to
- be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing
- file system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any",
- "none", and <NUM>, where NUM is the actual partition
- number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used
- for Microsoft Azure that instructs cloud-init to replace
- a file system of <FS_TYPE>. NOTE: unless you define
- a label, this requires the use of the ''any'' partition
- directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If
- it is true, a single partition will be created for
- the entire device. When layout is false, it means
- don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default
- is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's data
- map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file
- contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init`
- time and describes a set of Bootstrap Tokens to create.
- This information IS NOT uploaded to the kubeadm cluster
- configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token,
- stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for, so other
- administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this
- token expires. Defaults to being set dynamically at
- runtime based on the TTL. Expires and TTL are mutually
- exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this
- token can be used. Can by default be used for establishing
- bidirectional trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance that's deployed on this control plane
- node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to
- each individual API server. This configuration object lets
- you customize what IP/DNS name and port the local API server
- advertises it's accessible on. By default, kubeadm tries
- to auto-detect the IP of the default interface and use that,
- but in case that process fails you may set the desired value
- here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: {}`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for
- the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node and
- control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no
- additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- required:
- - advertiseAddress
- - bindPort
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when
- there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken and
- File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public
- key pins to verify when token-based discovery is
- used. The root CA found during discovery must match
- one of these values. Specifying an empty set disables
- root CA pinning, which can be unsafe. Each hash
- is specified as "<type>:<value>", where the only
- currently supported type is "sha256". This is a
- hex-encoded SHA-256 hash of the Subject Public Key
- Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- - unsafeSkipCAVerification
- type: object
- file:
- description: File is used to specify a file or URL to
- a kubeconfig file from which to load cluster information
- BootstrapToken and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the
- actual file path or URL to the kubeconfig file from
- which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: 'TLSBootstrapToken is a token used for TLS
- bootstrapping. If .BootstrapToken is set, this field
- is defaulted to .BootstrapToken.Token, but can be overridden.
- If .File is set, this field **must be set** in case
- the KubeConfigFile does not contain any other authentication
- information TODO: revisit when there is defaulting from
- k/k'
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: {}`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run
- after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run
- before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and use
- that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in
- cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for
- the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use
- for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user
- as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the
- user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group for
- the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that the
- controller will spend on draining a controlplane node The default
- value is 0, meaning that the node can be drained without any time
- limitations. NOTE: NodeDrainTimeout is different from `kubectl drain
- --timeout`'
- type: string
- replicas:
- description: Number of desired machines. Defaults to 1. When stacked
- etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
- This is a pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- rolloutStrategy:
- description: The RolloutStrategy to use to replace control plane machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if RolloutStrategyType
- = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of control planes that can
- be scheduled above or under the desired number of control
- planes. Value can be an absolute number 1 or 0. Defaults
- to 1. Example: when this is set to 1, the control plane
- can be scaled up immediately when the rolling update starts.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of rollout. Currently the only supported strategy
- is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- upgradeAfter:
- description: UpgradeAfter is a field to indicate an upgrade should
- be performed after the specified time even if no changes have been
- made to the KubeadmControlPlane
- format: date-time
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- type: string
- required:
- - infrastructureTemplate
- - kubeadmConfigSpec
- - version
- type: object
- status:
- description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
- properties:
- conditions:
- description: Conditions defines current service state of the KubeadmControlPlane.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: ErrorMessage indicates that there is a terminal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a terminal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- initialized:
- description: Initialized denotes whether or not the control plane
- has the uploaded kubeadm-config configmap.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready denotes that the KubeadmControlPlane API Server
- is ready to receive requests.
- type: boolean
- readyReplicas:
- description: Total number of fully running and ready control plane
- machines.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- control plane (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the label selector in string format to avoid
- introspection by clients, and is used to provide the CRD-based integration
- for the scale subresource and additional integrations for things
- like kubectl describe.. The string will be in the same format as
- the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- control plane. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet ready or machines
- that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- control plane that have the desired template spec.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmControlPlane
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: This denotes whether or not the control plane has the uploaded
- kubeadm-config configmap
- jsonPath: .status.initialized
- name: Initialized
- type: boolean
- - description: KubeadmControlPlane API Server is ready to receive requests
- jsonPath: .status.ready
- name: API Server Available
- type: boolean
- - description: Kubernetes version associated with this control plane
- jsonPath: .spec.version
- name: Version
- type: string
- - description: Total number of non-terminated machines targeted by this control
- plane
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of fully running and ready control plane machines
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this control
- plane that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this control plane
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: KubeadmControlPlane is the Schema for the KubeadmControlPlane
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
- properties:
- kubeadmConfigSpec:
- description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing
- and joining machines to the control plane.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API
- server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or
- look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid IP
- address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint
- is specified but without a TCP port, the BindPort is used.
- Possible usages are: e.g. In a cluster with more than one
- control plane instances, this field should be assigned the
- address of the external load balancer in front of the control
- plane instances. e.g. in environments with enforced node
- recycling, the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for
- the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for
- ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. If empty, `registry.k8s.io` will be used
- by default; in case of kubernetes version is a CI build
- (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and
- for kube-proxy, while `registry.k8s.io` will be used for
- all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the
- control plane. NB: This value defaults to the Machine object
- spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the
- Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If
- unset, the API server will not allocate CIDR ranges
- for every node. Defaults to a comma-delimited string
- of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster
- object's spec.clusterNetwork.pods.cidrBlocks, or to
- "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add
- to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to
- be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing
- file system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any",
- "none", and <NUM>, where NUM is the actual partition
- number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used
- for Microsoft Azure that instructs cloud-init to replace
- a file system of <FS_TYPE>. NOTE: unless you define
- a label, this requires the use of the ''any'' partition
- directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If
- it is true, a single partition will be created for
- the entire device. When layout is false, it means
- don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default
- is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's data
- map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file
- contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init`
- time and describes a set of Bootstrap Tokens to create.
- This information IS NOT uploaded to the kubeadm cluster
- configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token,
- stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for, so other
- administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this
- token expires. Defaults to being set dynamically at
- runtime based on the TTL. Expires and TTL are mutually
- exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this
- token can be used. Can by default be used for establishing
- bidirectional trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance that's deployed on this control plane
- node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to
- each individual API server. This configuration object lets
- you customize what IP/DNS name and port the local API server
- advertises it's accessible on. By default, kubeadm tries
- to auto-detect the IP of the default interface and use that,
- but in case that process fails you may set the desired value
- here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of
- pre-flight errors to be ignored when the current node
- is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: {}`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for
- the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node and
- control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no
- additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when
- there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken and
- File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public
- key pins to verify when token-based discovery is
- used. The root CA found during discovery must match
- one of these values. Specifying an empty set disables
- root CA pinning, which can be unsafe. Each hash
- is specified as "<type>:<value>", where the only
- currently supported type is "sha256". This is a
- hex-encoded SHA-256 hash of the Subject Public Key
- Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL to
- a kubeconfig file from which to load cluster information
- BootstrapToken and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the
- actual file path or URL to the kubeconfig file from
- which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for TLS
- bootstrapping. If .BootstrapToken is set, this field
- is defaulted to .BootstrapToken.Token, but can be overridden.
- If .File is set, this field **must be set** in case
- the KubeConfigFile does not contain any other authentication
- information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of
- pre-flight errors to be ignored when the current node
- is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: {}`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run
- after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run
- before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and use
- that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in
- cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for
- the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use
- for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user
- as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the
- user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary group for
- the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- machineTemplate:
- description: MachineTemplate contains information about how machines
- should be shaped when creating or updating a control plane.
- properties:
- infrastructureRef:
- description: InfrastructureRef is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that
- the controller will spend on draining a controlplane node The
- default value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different from
- `kubectl drain --timeout`'
- type: string
- required:
- - infrastructureRef
- type: object
- replicas:
- description: Number of desired machines. Defaults to 1. When stacked
- etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
- This is a pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- rolloutAfter:
- description: RolloutAfter is a field to indicate a rollout should
- be performed after the specified time even if no changes have been
- made to the KubeadmControlPlane.
- format: date-time
- type: string
- rolloutStrategy:
- default:
- rollingUpdate:
- maxSurge: 1
- type: RollingUpdate
- description: The RolloutStrategy to use to replace control plane machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if RolloutStrategyType
- = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of control planes that can
- be scheduled above or under the desired number of control
- planes. Value can be an absolute number 1 or 0. Defaults
- to 1. Example: when this is set to 1, the control plane
- can be scaled up immediately when the rolling update starts.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of rollout. Currently the only supported strategy
- is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- version:
- description: Version defines the desired Kubernetes version.
- type: string
- required:
- - kubeadmConfigSpec
- - machineTemplate
- - version
- type: object
- status:
- description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
- properties:
- conditions:
- description: Conditions defines current service state of the KubeadmControlPlane.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: ErrorMessage indicates that there is a terminal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a terminal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- initialized:
- description: Initialized denotes whether or not the control plane
- has the uploaded kubeadm-config configmap.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready denotes that the KubeadmControlPlane API Server
- is ready to receive requests.
- type: boolean
- readyReplicas:
- description: Total number of fully running and ready control plane
- machines.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- control plane (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the label selector in string format to avoid
- introspection by clients, and is used to provide the CRD-based integration
- for the scale subresource and additional integrations for things
- like kubectl describe.. The string will be in the same format as
- the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- control plane. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet ready or machines
- that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- control plane that have the desired template spec.
- format: int32
- type: integer
- version:
- description: Version represents the minimum Kubernetes version for
- the control plane machines in the cluster.
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .metadata.labels['cluster\.x-k8s\.io/cluster-name']
- name: Cluster
- type: string
- - description: This denotes whether or not the control plane has the uploaded
- kubeadm-config configmap
- jsonPath: .status.initialized
- name: Initialized
- type: boolean
- - description: KubeadmControlPlane API Server is ready to receive requests
- jsonPath: .status.ready
- name: API Server Available
- type: boolean
- - description: Total number of machines desired by this control plane
- jsonPath: .spec.replicas
- name: Desired
- priority: 10
- type: integer
- - description: Total number of non-terminated machines targeted by this control
- plane
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of fully running and ready control plane machines
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this control
- plane that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this control plane
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- - description: Time duration since creation of KubeadmControlPlane
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this control plane
- jsonPath: .spec.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: KubeadmControlPlane is the Schema for the KubeadmControlPlane
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmControlPlaneSpec defines the desired state of KubeadmControlPlane.
- properties:
- kubeadmConfigSpec:
- description: KubeadmConfigSpec is a KubeadmConfigSpec to use for initializing
- and joining machines to the control plane.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for the API
- server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative Names
- for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the timeout
- that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store or
- look for all required certificates. NB: if not provided,
- this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP address
- or DNS name for the control plane; it can be a valid IP
- address or a RFC-1123 DNS subdomain, both with optional
- TCP port. In case the ControlPlaneEndpoint is not specified,
- the AdvertiseAddress + BindPort are used; in case the ControlPlaneEndpoint
- is specified but without a TCP port, the BindPort is used.
- Possible usages are: e.g. In a cluster with more than one
- control plane instances, this field should be assigned the
- address of the external load balancer in front of the control
- plane instances. e.g. in environments with enforced node
- recycling, the ControlPlaneEndpoint could be used for assigning
- a stable DNS to the control plane. NB: This value defaults
- to the first value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings for
- the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on installed
- in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for the
- image. In case this value is set, kubeadm does not change
- automatically the version of the above components during
- upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB: This
- value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect to an external
- etcd cluster Local and External are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate Authority
- file used to secure etcd communication. Required
- if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification file
- used to secure etcd communication. Required if using
- a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required for
- ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used to secure
- etcd communication. Required if using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs for configuring
- the local etcd instance Local and External are mutually
- exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd will place
- its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments provided
- to the etcd binary when run inside a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. if not set, the ImageRepository
- defined in ClusterConfiguration will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag for
- the image. In case this value is set, kubeadm does
- not change automatically the version of the above
- components during upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject Alternative
- Names for the etcd peer signing cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject Alternative
- Names for the etcd server signing cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry to
- pull images from. If empty, `registry.k8s.io` will be used
- by default; in case of kubernetes version is a CI build
- (kubernetes version starts with `ci/` or `ci-cross/`) `gcr.io/k8s-staging-ci-images`
- will be used as a default for control plane components and
- for kube-proxy, while `registry.k8s.io` will be used for
- all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version of the
- control plane. NB: This value defaults to the Machine object
- spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the networking
- topology of the cluster. NB: This value defaults to the
- Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used by k8s services.
- Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods. If
- unset, the API server will not allocate CIDR ranges
- for every node. Defaults to a comma-delimited string
- of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used by k8s services.
- Defaults to a comma-delimited string of the Cluster
- object's spec.clusterNetwork.pods.cidrBlocks, or to
- "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for the scheduler
- control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags to pass
- to the control plane component. TODO: This is temporary
- and ideally we would like to switch all components to
- use ComponentConfig + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host volumes,
- mounted to the control plane component.
- items:
- description: HostPathMount contains elements describing
- volumes that are mounted from the host.
- properties:
- hostPath:
- description: HostPath is the path in the host that
- will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside the pod
- where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the pod template.
- type: string
- pathType:
- description: PathType is the type of the HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access to the
- volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation of partition
- tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file systems
- to setup.
- items:
- description: Filesystem defines the file systems to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options to add
- to the command for creating the file system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system type.
- type: string
- label:
- description: Label specifies the file system label to
- be used. If set to None, no label is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not to overwrite
- any existing filesystem. If true, any pre-existing
- file system will be destroyed. Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition to use.
- The valid options are: "auto|any", "auto", "any",
- "none", and <NUM>, where NUM is the actual partition
- number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive, used
- for Microsoft Azure that instructs cloud-init to replace
- a file system of <FS_TYPE>. NOTE: unless you define
- a label, this requires the use of the ''any'' partition
- directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the partitions
- to setup.
- items:
- description: Partition defines how to create and layout
- a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout. If
- it is true, a single partition will be created for
- the entire device. When layout is false, it means
- don't partition or ignore existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to skip checks
- and create the partition if a partition or filesystem
- is found on the device. Use with caution. Default
- is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of partition
- table. The following are supported: ''mbr'': default
- and setups a MS-DOS partition table ''gpt'': setups
- a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed to user_data
- upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- append:
- description: Append specifies whether to append Content
- to existing file if Path exists.
- type: boolean
- content:
- description: Content is the actual content of the file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source of content
- to populate the file.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this file.
- properties:
- key:
- description: Key is the key in the secret's data
- map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of the file
- contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the file,
- e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk where
- to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions to assign
- to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the bootstrap
- data
- enum:
- - cloud-config
- - ignition
- type: string
- ignition:
- description: Ignition contains Ignition specific configuration.
- properties:
- containerLinuxConfig:
- description: ContainerLinuxConfig contains CLC specific configuration.
- properties:
- additionalConfig:
- description: "AdditionalConfig contains additional configuration
- to be merged with the Ignition configuration generated
- by the bootstrapper controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
- \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
- type: string
- strict:
- description: Strict controls if AdditionalConfig should
- be strictly parsed. If so, warnings are treated as errors.
- type: boolean
- type: object
- type: object
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm init`
- time and describes a set of Bootstrap Tokens to create.
- This information IS NOT uploaded to the kubeadm cluster
- configmap, partly because of its sensitive nature
- items:
- description: BootstrapToken describes one bootstrap token,
- stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly message
- why this token exists and what it's used for, so other
- administrators can know its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp when this
- token expires. Defaults to being set dynamically at
- runtime based on the TTL. Expires and TTL are mutually
- exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups that
- this token will authenticate as when/if used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing bidirectional
- trust between nodes and control-planes. Used for joining
- nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for this token.
- Defaults to 24h. Expires and TTL are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which this
- token can be used. Can by default be used for establishing
- bidirectional trust, but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint of the
- API server instance that's deployed on this control plane
- node In HA setups, this differs from ClusterConfiguration.ControlPlaneEndpoint
- in the sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests to
- each individual API server. This configuration object lets
- you customize what IP/DNS name and port the local API server
- advertises it's accessible on. By default, kubeadm tries
- to auto-detect the IP of the default interface and use that,
- but in case that process fails you may set the desired value
- here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address for
- the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the API
- Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of
- pre-flight errors to be ignored when the current node
- is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: []`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during "kubeadm
- init". The minimum kubernetes version needed to support
- Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that contains
- files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or just "etcd.json".
- "target" can be one of "kube-apiserver", "kube-controller-manager",
- "kube-scheduler", "etcd". "patchtype" can be one of
- "strategic" "merge" or "json" and they match the patch
- formats supported by kubectl. The default "patchtype"
- is "strategic". "extension" must be either "json" or
- "yaml". "suffix" is an optional string that can be used
- to determine which patches are applied first alpha-numerically.
- These files can be written into the target directory
- via KubeadmConfig.Files which specifies additional files
- to be created on the machine, either with content inline
- or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during
- command execution. The list of phases can be obtained with
- the "kubeadm init --help" command. This option takes effect
- only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration for
- the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this
- representation of an object. Servers should convert recognized
- schemas to the latest internal value, and may reject unrecognized
- values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node and
- control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control plane
- instance to be deployed on the joining node. If nil, no
- additional control plane instance will be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for the
- API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for the kubelet
- to use during the TLS Bootstrap process TODO: revisit when
- there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the options
- for bootstrap token based discovery BootstrapToken and
- File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or domain
- name to the API server from which info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set of public
- key pins to verify when token-based discovery is
- used. The root CA found during discovery must match
- one of these values. Specifying an empty set disables
- root CA pinning, which can be unsafe. Each hash
- is specified as "<type>:<value>", where the only
- currently supported type is "sha256". This is a
- hex-encoded SHA-256 hash of the Subject Public Key
- Info (SPKI) object in DER-encoded ASN.1. These hashes
- can be calculated using, for example, OpenSSL: openssl
- x509 -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256 -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate cluster
- information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows token-based
- discovery without CA verification via CACertHashes.
- This can weaken the security of kubeadm since other
- nodes can impersonate the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or URL to
- a kubeconfig file from which to load cluster information
- BootstrapToken and File are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify the
- actual file path or URL to the kubeconfig file from
- which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used for TLS
- bootstrapping. If .BootstrapToken is set, this field
- is defaulted to .BootstrapToken.Token, but can be overridden.
- If .File is set, this field **must be set** in case
- the KubeConfigFile does not contain any other authentication
- information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing the REST
- resource this object represents. Servers may infer this
- from the endpoint the client submits requests to. Cannot
- be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate to
- registering the new control-plane node to the cluster. When
- used in the context of control plane nodes, NodeRegistration
- should remain consistent across both InitConfiguration and
- JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container runtime
- info. This information will be annotated to the Node
- API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a slice of
- pre-flight errors to be ignored when the current node
- is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra arguments
- to the kubelet. The arguments here are passed to the
- kubelet command line via the environment file kubeadm
- writes at runtime for the kubelet to source. This overrides
- the generic base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing. These
- values are local and specific to the node kubeadm is
- executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field of the
- Node API object that will be created in this `kubeadm
- init` or `kubeadm join` operation. This field is also
- used in the CommonName field of the kubelet's client
- certificate to the API server. Defaults to the hostname
- of the node if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the Node API
- object should be registered with. If this field is unset,
- i.e. nil, in the `kubeadm init` process it will be defaulted
- to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane node,
- set this field to an empty slice, i.e. `taints: []`
- in the YAML file. This field is solely used for Node
- registration.'
- items:
- description: The node this Taint is attached to has
- the "effect" on any pod that does not tolerate the
- Taint.
- properties:
- effect:
- description: Required. The effect of the taint on
- pods that do not tolerate the taint. Valid effects
- are NoSchedule, PreferNoSchedule and NoExecute.
- type: string
- key:
- description: Required. The taint key to be applied
- to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time at which
- the taint was added. It is only written for NoExecute
- taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding to the
- taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during "kubeadm
- join". The minimum kubernetes version needed to support
- Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory that contains
- files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or just "etcd.json".
- "target" can be one of "kube-apiserver", "kube-controller-manager",
- "kube-scheduler", "etcd". "patchtype" can be one of
- "strategic" "merge" or "json" and they match the patch
- formats supported by kubectl. The default "patchtype"
- is "strategic". "extension" must be either "json" or
- "yaml". "suffix" is an optional string that can be used
- to determine which patches are applied first alpha-numerically.
- These files can be written into the target directory
- via KubeadmConfig.Files which specifies additional files
- to be created on the machine, either with content inline
- or by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip during
- command execution. The list of phases can be obtained with
- the "kubeadm init --help" command. This option takes effect
- only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- mounts:
- description: Mounts specifies a list of mount points to be setup.
- items:
- description: MountPoints defines input for generated mounts
- in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands to run
- after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands to run
- before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic kubeadm
- command with a shell script with retries for joins. \n This
- is meant to be an experimental temporary workaround on some
- environments where joins fail due to timing (and other issues).
- The long term goal is to add retries to kubeadm proper and use
- that functionality. \n This will add about 40KB to userdata
- \n For more information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
- \n Deprecated: This experimental fix is no longer needed and
- this field will be removed in a future release. When removing
- also remove from staticcheck exclude-rules for SA1019 in golangci.yml"
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated user in
- cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for the user
- type: string
- groups:
- description: Groups specifies the additional groups for
- the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory to use
- for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark the user
- as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password login should
- be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password for the
- user
- type: string
- passwdFrom:
- description: PasswdFrom is a referenced source of passwd
- to populate the passwd.
- properties:
- secret:
- description: Secret represents a secret that should
- populate this password.
- properties:
- key:
- description: Key is the key in the secret's data
- map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- primaryGroup:
- description: PrimaryGroup specifies the primary group for
- the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list of ssh authorized
- keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log level
- verbosity. It overrides the `--v` flag in kubeadm commands.
- format: int32
- type: integer
- type: object
- machineTemplate:
- description: MachineTemplate contains information about how machines
- should be shaped when creating or updating a control plane.
- properties:
- infrastructureRef:
- description: InfrastructureRef is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the machine
- controller will attempt to delete the Node that the Machine
- hosts after the Machine is marked for deletion. A duration of
- 0 will retry deletion indefinitely. If no value is provided,
- the default value for this property of the Machine resource
- will be used.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that
- the controller will spend on draining a controlplane node The
- default value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different from
- `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of time
- that the controller will spend on waiting for all volumes to
- be detached. The default value is 0, meaning that the volumes
- can be detached without any time limitations.
- type: string
- required:
- - infrastructureRef
- type: object
- replicas:
- description: Number of desired machines. Defaults to 1. When stacked
- etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
- This is a pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- rolloutAfter:
- description: RolloutAfter is a field to indicate a rollout should
- be performed after the specified time even if no changes have been
- made to the KubeadmControlPlane.
- format: date-time
- type: string
- rolloutBefore:
- description: RolloutBefore is a field to indicate a rollout should
- be performed if the specified criteria is met.
- properties:
- certificatesExpiryDays:
- description: CertificatesExpiryDays indicates a rollout needs
- to be performed if the certificates of the machine will expire
- within the specified days.
- format: int32
- type: integer
- type: object
- rolloutStrategy:
- default:
- rollingUpdate:
- maxSurge: 1
- type: RollingUpdate
- description: The RolloutStrategy to use to replace control plane machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if RolloutStrategyType
- = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of control planes that can
- be scheduled above or under the desired number of control
- planes. Value can be an absolute number 1 or 0. Defaults
- to 1. Example: when this is set to 1, the control plane
- can be scaled up immediately when the rolling update starts.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of rollout. Currently the only supported strategy
- is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- version:
- description: Version defines the desired Kubernetes version.
- type: string
- required:
- - kubeadmConfigSpec
- - machineTemplate
- - version
- type: object
- status:
- description: KubeadmControlPlaneStatus defines the observed state of KubeadmControlPlane.
- properties:
- conditions:
- description: Conditions defines current service state of the KubeadmControlPlane.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: ErrorMessage indicates that there is a terminal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a terminal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- initialized:
- description: Initialized denotes whether or not the control plane
- has the uploaded kubeadm-config configmap.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- ready:
- description: Ready denotes that the KubeadmControlPlane API Server
- is ready to receive requests.
- type: boolean
- readyReplicas:
- description: Total number of fully running and ready control plane
- machines.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- control plane (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the label selector in string format to avoid
- introspection by clients, and is used to provide the CRD-based integration
- for the scale subresource and additional integrations for things
- like kubectl describe.. The string will be in the same format as
- the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- control plane. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet ready or machines
- that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- control plane that have the desired template spec.
- format: int32
- type: integer
- version:
- description: Version represents the minimum Kubernetes version for
- the control plane machines in the cluster.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1alpha4: v1alpha4
- cluster.x-k8s.io/v1beta1: v1beta1
- clusterctl.cluster.x-k8s.io: ""
- name: kubeadmcontrolplanetemplates.controlplane.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: controlplane.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: KubeadmControlPlaneTemplate
- listKind: KubeadmControlPlaneTemplateList
- plural: kubeadmcontrolplanetemplates
- singular: kubeadmcontrolplanetemplate
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmControlPlaneTemplate
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmControlPlaneTemplateSpec defines the desired state
- of KubeadmControlPlaneTemplate.
- properties:
- template:
- description: KubeadmControlPlaneTemplateResource describes the data
- needed to create a KubeadmControlPlane from a template.
- properties:
- spec:
- description: KubeadmControlPlaneSpec defines the desired state
- of KubeadmControlPlane.
- properties:
- kubeadmConfigSpec:
- description: KubeadmConfigSpec is a KubeadmConfigSpec to use
- for initializing and joining machines to the control plane.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for
- the API server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative
- Names for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the
- timeout that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store
- or look for all required certificates. NB: if not
- provided, this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP
- address or DNS name for the control plane; it can
- be a valid IP address or a RFC-1123 DNS subdomain,
- both with optional TCP port. In case the ControlPlaneEndpoint
- is not specified, the AdvertiseAddress + BindPort
- are used; in case the ControlPlaneEndpoint is specified
- but without a TCP port, the BindPort is used. Possible
- usages are: e.g. In a cluster with more than one
- control plane instances, this field should be assigned
- the address of the external load balancer in front
- of the control plane instances. e.g. in environments
- with enforced node recycling, the ControlPlaneEndpoint
- could be used for assigning a stable DNS to the
- control plane. NB: This value defaults to the first
- value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings
- for the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on
- installed in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set, the
- ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag
- for the image. In case this value is set, kubeadm
- does not change automatically the version of
- the above components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB:
- This value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect
- to an external etcd cluster Local and External
- are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate
- Authority file used to secure etcd communication.
- Required if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification
- file used to secure etcd communication.
- Required if using a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required
- for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used
- to secure etcd communication. Required if
- using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs
- for configuring the local etcd instance Local
- and External are mutually exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd
- will place its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments
- provided to the etcd binary when run inside
- a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set,
- the ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a
- tag for the image. In case this value is
- set, kubeadm does not change automatically
- the version of the above components during
- upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject
- Alternative Names for the etcd peer signing
- cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject
- Alternative Names for the etcd server signing
- cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. If empty, `registry.k8s.io`
- will be used by default; in case of kubernetes version
- is a CI build (kubernetes version starts with `ci/`
- or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will
- be used as a default for control plane components
- and for kube-proxy, while `registry.k8s.io` will
- be used for all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version
- of the control plane. NB: This value defaults to
- the Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the
- networking topology of the cluster. NB: This value
- defaults to the Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used
- by k8s services. Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods.
- If unset, the API server will not allocate CIDR
- ranges for every node. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used
- by k8s services. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
- or to "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for
- the scheduler control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation
- of partition tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file
- systems to setup.
- items:
- description: Filesystem defines the file systems
- to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options
- to add to the command for creating the file
- system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system
- type.
- type: string
- label:
- description: Label specifies the file system
- label to be used. If set to None, no label
- is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not
- to overwrite any existing filesystem. If true,
- any pre-existing file system will be destroyed.
- Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition
- to use. The valid options are: "auto|any",
- "auto", "any", "none", and <NUM>, where NUM
- is the actual partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive,
- used for Microsoft Azure that instructs cloud-init
- to replace a file system of <FS_TYPE>. NOTE:
- unless you define a label, this requires the
- use of the ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the
- partitions to setup.
- items:
- description: Partition defines how to create and
- layout a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout.
- If it is true, a single partition will be
- created for the entire device. When layout
- is false, it means don't partition or ignore
- existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to
- skip checks and create the partition if a
- partition or filesystem is found on the device.
- Use with caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of
- partition table. The following are supported:
- ''mbr'': default and setups a MS-DOS partition
- table ''gpt'': setups a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed
- to user_data upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- content:
- description: Content is the actual content of the
- file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source
- of content to populate the file.
- properties:
- secret:
- description: Secret represents a secret that
- should populate this file.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of
- the file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the
- file, e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk
- where to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions
- to assign to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the
- bootstrap data
- enum:
- - cloud-config
- type: string
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm
- init` time and describes a set of Bootstrap Tokens
- to create. This information IS NOT uploaded to the
- kubeadm cluster configmap, partly because of its
- sensitive nature
- items:
- description: BootstrapToken describes one bootstrap
- token, stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly
- message why this token exists and what it's
- used for, so other administrators can know
- its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp
- when this token expires. Defaults to being
- set dynamically at runtime based on the TTL.
- Expires and TTL are mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups
- that this token will authenticate as when/if
- used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing
- bidirectional trust between nodes and control-planes.
- Used for joining nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for
- this token. Defaults to 24h. Expires and TTL
- are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which
- this token can be used. Can by default be
- used for establishing bidirectional trust,
- but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance that's deployed on this
- control plane node In HA setups, this differs from
- ClusterConfiguration.ControlPlaneEndpoint in the
- sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests
- to each individual API server. This configuration
- object lets you customize what IP/DNS name and port
- the local API server advertises it's accessible
- on. By default, kubeadm tries to auto-detect the
- IP of the default interface and use that, but in
- case that process fails you may set the desired
- value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for
- the API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the
- cluster. When used in the context of control plane
- nodes, NodeRegistration should remain consistent
- across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a
- slice of pre-flight errors to be ignored when
- the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here
- are passed to the kubelet command line via the
- environment file kubeadm writes at runtime for
- the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing.
- These values are local and specific to the node
- kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field
- of the Node API object that will be created
- in this `kubeadm init` or `kubeadm join` operation.
- This field is also used in the CommonName field
- of the kubelet's client certificate to the API
- server. Defaults to the hostname of the node
- if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the
- Node API object should be registered with. If
- this field is unset, i.e. nil, in the `kubeadm
- init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane
- node, set this field to an empty slice, i.e.
- `taints: {}` in the YAML file. This field is
- solely used for Node registration.'
- items:
- description: The node this Taint is attached
- to has the "effect" on any pod that does not
- tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the
- taint on pods that do not tolerate the
- taint. Valid effects are NoSchedule, PreferNoSchedule
- and NoExecute.
- type: string
- key:
- description: Required. The taint key to
- be applied to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time
- at which the taint was added. It is only
- written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding
- to the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration
- for the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node
- and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control
- plane instance to be deployed on the joining node.
- If nil, no additional control plane instance will
- be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on
- this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP
- address for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port
- for the API Server to bind to. Defaults
- to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for
- the kubelet to use during the TLS Bootstrap process
- TODO: revisit when there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the
- options for bootstrap token based discovery
- BootstrapToken and File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or
- domain name to the API server from which
- info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set
- of public key pins to verify when token-based
- discovery is used. The root CA found during
- discovery must match one of these values.
- Specifying an empty set disables root CA
- pinning, which can be unsafe. Each hash
- is specified as "<type>:<value>", where
- the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the
- Subject Public Key Info (SPKI) object in
- DER-encoded ASN.1. These hashes can be calculated
- using, for example, OpenSSL: openssl x509
- -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256
- -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate
- cluster information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows
- token-based discovery without CA verification
- via CACertHashes. This can weaken the security
- of kubeadm since other nodes can impersonate
- the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or
- URL to a kubeconfig file from which to load
- cluster information BootstrapToken and File
- are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify
- the actual file path or URL to the kubeconfig
- file from which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used
- for TLS bootstrapping. If .BootstrapToken is
- set, this field is defaulted to .BootstrapToken.Token,
- but can be overridden. If .File is set, this
- field **must be set** in case the KubeConfigFile
- does not contain any other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the
- cluster. When used in the context of control plane
- nodes, NodeRegistration should remain consistent
- across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a
- slice of pre-flight errors to be ignored when
- the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here
- are passed to the kubelet command line via the
- environment file kubeadm writes at runtime for
- the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing.
- These values are local and specific to the node
- kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field
- of the Node API object that will be created
- in this `kubeadm init` or `kubeadm join` operation.
- This field is also used in the CommonName field
- of the kubelet's client certificate to the API
- server. Defaults to the hostname of the node
- if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the
- Node API object should be registered with. If
- this field is unset, i.e. nil, in the `kubeadm
- init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane
- node, set this field to an empty slice, i.e.
- `taints: {}` in the YAML file. This field is
- solely used for Node registration.'
- items:
- description: The node this Taint is attached
- to has the "effect" on any pod that does not
- tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the
- taint on pods that do not tolerate the
- taint. Valid effects are NoSchedule, PreferNoSchedule
- and NoExecute.
- type: string
- key:
- description: Required. The taint key to
- be applied to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time
- at which the taint was added. It is only
- written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding
- to the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- type: object
- mounts:
- description: Mounts specifies a list of mount points to
- be setup.
- items:
- description: MountPoints defines input for generated
- mounts in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should
- be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to
- use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands
- to run after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands
- to run before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic
- kubeadm command with a shell script with retries for
- joins. \n This is meant to be an experimental temporary
- workaround on some environments where joins fail due
- to timing (and other issues). The long term goal is
- to add retries to kubeadm proper and use that functionality.
- \n This will add about 40KB to userdata \n For more
- information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055."
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated
- user in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for
- the user
- type: string
- groups:
- description: Groups specifies the additional groups
- for the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory
- to use for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark
- the user as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password
- login should be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password
- for the user
- type: string
- primaryGroup:
- description: PrimaryGroup specifies the primary
- group for the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list
- of ssh authorized keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the
- user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log
- level verbosity. It overrides the `--v` flag in kubeadm
- commands.
- format: int32
- type: integer
- type: object
- machineTemplate:
- description: MachineTemplate contains information about how
- machines should be shaped when creating or updating a control
- plane.
- properties:
- infrastructureRef:
- description: InfrastructureRef is a required reference
- to a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- metadata:
- description: 'Standard object''s metadata. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata.
- They are not queryable and should be preserved when
- modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can
- be used to organize and categorize (scope and select)
- objects. May match selectors of replication controllers
- and services. More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of
- time that the controller will spend on draining a controlplane
- node The default value is 0, meaning that the node can
- be drained without any time limitations. NOTE: NodeDrainTimeout
- is different from `kubectl drain --timeout`'
- type: string
- required:
- - infrastructureRef
- type: object
- replicas:
- description: Number of desired machines. Defaults to 1. When
- stacked etcd is used only odd numbers are permitted, as
- per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members).
- This is a pointer to distinguish between explicit zero and
- not specified.
- format: int32
- type: integer
- rolloutAfter:
- description: RolloutAfter is a field to indicate a rollout
- should be performed after the specified time even if no
- changes have been made to the KubeadmControlPlane.
- format: date-time
- type: string
- rolloutStrategy:
- default:
- rollingUpdate:
- maxSurge: 1
- type: RollingUpdate
- description: The RolloutStrategy to use to replace control
- plane machines with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only
- if RolloutStrategyType = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of control planes
- that can be scheduled above or under the desired
- number of control planes. Value can be an absolute
- number 1 or 0. Defaults to 1. Example: when this
- is set to 1, the control plane can be scaled up
- immediately when the rolling update starts.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of rollout. Currently the only supported
- strategy is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- version:
- description: Version defines the desired Kubernetes version.
- type: string
- required:
- - kubeadmConfigSpec
- - machineTemplate
- - version
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- subresources: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of KubeadmControlPlaneTemplate
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: KubeadmControlPlaneTemplate is the Schema for the kubeadmcontrolplanetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: KubeadmControlPlaneTemplateSpec defines the desired state
- of KubeadmControlPlaneTemplate.
- properties:
- template:
- description: KubeadmControlPlaneTemplateResource describes the data
- needed to create a KubeadmControlPlane from a template.
- properties:
- spec:
- description: 'KubeadmControlPlaneTemplateResourceSpec defines
- the desired state of KubeadmControlPlane. NOTE: KubeadmControlPlaneTemplateResourceSpec
- is similar to KubeadmControlPlaneSpec but omits Replicas and
- Version fields. These fields do not make sense on the KubeadmControlPlaneTemplate,
- because they are calculated by the Cluster topology reconciler
- during reconciliation and thus cannot be configured on the KubeadmControlPlaneTemplate.'
- properties:
- kubeadmConfigSpec:
- description: KubeadmConfigSpec is a KubeadmConfigSpec to use
- for initializing and joining machines to the control plane.
- properties:
- clusterConfiguration:
- description: ClusterConfiguration along with InitConfiguration
- are the configurations necessary for the init command
- properties:
- apiServer:
- description: APIServer contains extra settings for
- the API server control plane component
- properties:
- certSANs:
- description: CertSANs sets extra Subject Alternative
- Names for the API Server signing cert.
- items:
- type: string
- type: array
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- timeoutForControlPlane:
- description: TimeoutForControlPlane controls the
- timeout that we use for API server to appear
- type: string
- type: object
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- certificatesDir:
- description: 'CertificatesDir specifies where to store
- or look for all required certificates. NB: if not
- provided, this will default to `/etc/kubernetes/pki`'
- type: string
- clusterName:
- description: The cluster name
- type: string
- controlPlaneEndpoint:
- description: 'ControlPlaneEndpoint sets a stable IP
- address or DNS name for the control plane; it can
- be a valid IP address or a RFC-1123 DNS subdomain,
- both with optional TCP port. In case the ControlPlaneEndpoint
- is not specified, the AdvertiseAddress + BindPort
- are used; in case the ControlPlaneEndpoint is specified
- but without a TCP port, the BindPort is used. Possible
- usages are: e.g. In a cluster with more than one
- control plane instances, this field should be assigned
- the address of the external load balancer in front
- of the control plane instances. e.g. in environments
- with enforced node recycling, the ControlPlaneEndpoint
- could be used for assigning a stable DNS to the
- control plane. NB: This value defaults to the first
- value in the Cluster object status.apiEndpoints
- array.'
- type: string
- controllerManager:
- description: ControllerManager contains extra settings
- for the controller manager control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- dns:
- description: DNS defines the options for the DNS add-on
- installed in the cluster.
- properties:
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set, the
- ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a tag
- for the image. In case this value is set, kubeadm
- does not change automatically the version of
- the above components during upgrades.
- type: string
- type: object
- etcd:
- description: 'Etcd holds configuration for etcd. NB:
- This value defaults to a Local (stacked) etcd'
- properties:
- external:
- description: External describes how to connect
- to an external etcd cluster Local and External
- are mutually exclusive
- properties:
- caFile:
- description: CAFile is an SSL Certificate
- Authority file used to secure etcd communication.
- Required if using a TLS connection.
- type: string
- certFile:
- description: CertFile is an SSL certification
- file used to secure etcd communication.
- Required if using a TLS connection.
- type: string
- endpoints:
- description: Endpoints of etcd members. Required
- for ExternalEtcd.
- items:
- type: string
- type: array
- keyFile:
- description: KeyFile is an SSL key file used
- to secure etcd communication. Required if
- using a TLS connection.
- type: string
- required:
- - caFile
- - certFile
- - endpoints
- - keyFile
- type: object
- local:
- description: Local provides configuration knobs
- for configuring the local etcd instance Local
- and External are mutually exclusive
- properties:
- dataDir:
- description: DataDir is the directory etcd
- will place its data. Defaults to "/var/lib/etcd".
- type: string
- extraArgs:
- additionalProperties:
- type: string
- description: ExtraArgs are extra arguments
- provided to the etcd binary when run inside
- a static pod.
- type: object
- imageRepository:
- description: ImageRepository sets the container
- registry to pull images from. if not set,
- the ImageRepository defined in ClusterConfiguration
- will be used instead.
- type: string
- imageTag:
- description: ImageTag allows to specify a
- tag for the image. In case this value is
- set, kubeadm does not change automatically
- the version of the above components during
- upgrades.
- type: string
- peerCertSANs:
- description: PeerCertSANs sets extra Subject
- Alternative Names for the etcd peer signing
- cert.
- items:
- type: string
- type: array
- serverCertSANs:
- description: ServerCertSANs sets extra Subject
- Alternative Names for the etcd server signing
- cert.
- items:
- type: string
- type: array
- type: object
- type: object
- featureGates:
- additionalProperties:
- type: boolean
- description: FeatureGates enabled by the user.
- type: object
- imageRepository:
- description: ImageRepository sets the container registry
- to pull images from. If empty, `registry.k8s.io`
- will be used by default; in case of kubernetes version
- is a CI build (kubernetes version starts with `ci/`
- or `ci-cross/`) `gcr.io/k8s-staging-ci-images` will
- be used as a default for control plane components
- and for kube-proxy, while `registry.k8s.io` will
- be used for all the other images.
- type: string
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- kubernetesVersion:
- description: 'KubernetesVersion is the target version
- of the control plane. NB: This value defaults to
- the Machine object spec.version'
- type: string
- networking:
- description: 'Networking holds configuration for the
- networking topology of the cluster. NB: This value
- defaults to the Cluster object spec.clusterNetwork.'
- properties:
- dnsDomain:
- description: DNSDomain is the dns domain used
- by k8s services. Defaults to "cluster.local".
- type: string
- podSubnet:
- description: PodSubnet is the subnet used by pods.
- If unset, the API server will not allocate CIDR
- ranges for every node. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.services.cidrBlocks
- if that is set
- type: string
- serviceSubnet:
- description: ServiceSubnet is the subnet used
- by k8s services. Defaults to a comma-delimited
- string of the Cluster object's spec.clusterNetwork.pods.cidrBlocks,
- or to "10.96.0.0/12" if that's unset.
- type: string
- type: object
- scheduler:
- description: Scheduler contains extra settings for
- the scheduler control plane component
- properties:
- extraArgs:
- additionalProperties:
- type: string
- description: 'ExtraArgs is an extra set of flags
- to pass to the control plane component. TODO:
- This is temporary and ideally we would like
- to switch all components to use ComponentConfig
- + ConfigMaps.'
- type: object
- extraVolumes:
- description: ExtraVolumes is an extra set of host
- volumes, mounted to the control plane component.
- items:
- description: HostPathMount contains elements
- describing volumes that are mounted from the
- host.
- properties:
- hostPath:
- description: HostPath is the path in the
- host that will be mounted inside the pod.
- type: string
- mountPath:
- description: MountPath is the path inside
- the pod where hostPath will be mounted.
- type: string
- name:
- description: Name of the volume inside the
- pod template.
- type: string
- pathType:
- description: PathType is the type of the
- HostPath.
- type: string
- readOnly:
- description: ReadOnly controls write access
- to the volume
- type: boolean
- required:
- - hostPath
- - mountPath
- - name
- type: object
- type: array
- type: object
- type: object
- diskSetup:
- description: DiskSetup specifies options for the creation
- of partition tables and file systems on devices.
- properties:
- filesystems:
- description: Filesystems specifies the list of file
- systems to setup.
- items:
- description: Filesystem defines the file systems
- to be created.
- properties:
- device:
- description: Device specifies the device name
- type: string
- extraOpts:
- description: ExtraOpts defined extra options
- to add to the command for creating the file
- system.
- items:
- type: string
- type: array
- filesystem:
- description: Filesystem specifies the file system
- type.
- type: string
- label:
- description: Label specifies the file system
- label to be used. If set to None, no label
- is used.
- type: string
- overwrite:
- description: Overwrite defines whether or not
- to overwrite any existing filesystem. If true,
- any pre-existing file system will be destroyed.
- Use with Caution.
- type: boolean
- partition:
- description: 'Partition specifies the partition
- to use. The valid options are: "auto|any",
- "auto", "any", "none", and <NUM>, where NUM
- is the actual partition number.'
- type: string
- replaceFS:
- description: 'ReplaceFS is a special directive,
- used for Microsoft Azure that instructs cloud-init
- to replace a file system of <FS_TYPE>. NOTE:
- unless you define a label, this requires the
- use of the ''any'' partition directive.'
- type: string
- required:
- - device
- - filesystem
- - label
- type: object
- type: array
- partitions:
- description: Partitions specifies the list of the
- partitions to setup.
- items:
- description: Partition defines how to create and
- layout a partition.
- properties:
- device:
- description: Device is the name of the device.
- type: string
- layout:
- description: Layout specifies the device layout.
- If it is true, a single partition will be
- created for the entire device. When layout
- is false, it means don't partition or ignore
- existing partitioning.
- type: boolean
- overwrite:
- description: Overwrite describes whether to
- skip checks and create the partition if a
- partition or filesystem is found on the device.
- Use with caution. Default is 'false'.
- type: boolean
- tableType:
- description: 'TableType specifies the tupe of
- partition table. The following are supported:
- ''mbr'': default and setups a MS-DOS partition
- table ''gpt'': setups a GPT partition table'
- type: string
- required:
- - device
- - layout
- type: object
- type: array
- type: object
- files:
- description: Files specifies extra files to be passed
- to user_data upon creation.
- items:
- description: File defines the input for generating write_files
- in cloud-init.
- properties:
- append:
- description: Append specifies whether to append
- Content to existing file if Path exists.
- type: boolean
- content:
- description: Content is the actual content of the
- file.
- type: string
- contentFrom:
- description: ContentFrom is a referenced source
- of content to populate the file.
- properties:
- secret:
- description: Secret represents a secret that
- should populate this file.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- encoding:
- description: Encoding specifies the encoding of
- the file contents.
- enum:
- - base64
- - gzip
- - gzip+base64
- type: string
- owner:
- description: Owner specifies the ownership of the
- file, e.g. "root:root".
- type: string
- path:
- description: Path specifies the full path on disk
- where to store the file.
- type: string
- permissions:
- description: Permissions specifies the permissions
- to assign to the file, e.g. "0640".
- type: string
- required:
- - path
- type: object
- type: array
- format:
- description: Format specifies the output format of the
- bootstrap data
- enum:
- - cloud-config
- - ignition
- type: string
- ignition:
- description: Ignition contains Ignition specific configuration.
- properties:
- containerLinuxConfig:
- description: ContainerLinuxConfig contains CLC specific
- configuration.
- properties:
- additionalConfig:
- description: "AdditionalConfig contains additional
- configuration to be merged with the Ignition
- configuration generated by the bootstrapper
- controller. More info: https://coreos.github.io/ignition/operator-notes/#config-merging
- \n The data format is documented here: https://kinvolk.io/docs/flatcar-container-linux/latest/provisioning/cl-config/"
- type: string
- strict:
- description: Strict controls if AdditionalConfig
- should be strictly parsed. If so, warnings are
- treated as errors.
- type: boolean
- type: object
- type: object
- initConfiguration:
- description: InitConfiguration along with ClusterConfiguration
- are the configurations necessary for the init command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- bootstrapTokens:
- description: BootstrapTokens is respected at `kubeadm
- init` time and describes a set of Bootstrap Tokens
- to create. This information IS NOT uploaded to the
- kubeadm cluster configmap, partly because of its
- sensitive nature
- items:
- description: BootstrapToken describes one bootstrap
- token, stored as a Secret in the cluster.
- properties:
- description:
- description: Description sets a human-friendly
- message why this token exists and what it's
- used for, so other administrators can know
- its purpose.
- type: string
- expires:
- description: Expires specifies the timestamp
- when this token expires. Defaults to being
- set dynamically at runtime based on the TTL.
- Expires and TTL are mutually exclusive.
- format: date-time
- type: string
- groups:
- description: Groups specifies the extra groups
- that this token will authenticate as when/if
- used for authentication
- items:
- type: string
- type: array
- token:
- description: Token is used for establishing
- bidirectional trust between nodes and control-planes.
- Used for joining nodes in the cluster.
- type: string
- ttl:
- description: TTL defines the time to live for
- this token. Defaults to 24h. Expires and TTL
- are mutually exclusive.
- type: string
- usages:
- description: Usages describes the ways in which
- this token can be used. Can by default be
- used for establishing bidirectional trust,
- but that can be changed here.
- items:
- type: string
- type: array
- required:
- - token
- type: object
- type: array
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance that's deployed on this
- control plane node In HA setups, this differs from
- ClusterConfiguration.ControlPlaneEndpoint in the
- sense that ControlPlaneEndpoint is the global endpoint
- for the cluster, which then loadbalances the requests
- to each individual API server. This configuration
- object lets you customize what IP/DNS name and port
- the local API server advertises it's accessible
- on. By default, kubeadm tries to auto-detect the
- IP of the default interface and use that, but in
- case that process fails you may set the desired
- value here.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP address
- for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port for
- the API Server to bind to. Defaults to 6443.
- format: int32
- type: integer
- type: object
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the
- cluster. When used in the context of control plane
- nodes, NodeRegistration should remain consistent
- across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a
- slice of pre-flight errors to be ignored when
- the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here
- are passed to the kubelet command line via the
- environment file kubeadm writes at runtime for
- the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing.
- These values are local and specific to the node
- kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field
- of the Node API object that will be created
- in this `kubeadm init` or `kubeadm join` operation.
- This field is also used in the CommonName field
- of the kubelet's client certificate to the API
- server. Defaults to the hostname of the node
- if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the
- Node API object should be registered with. If
- this field is unset, i.e. nil, in the `kubeadm
- init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane
- node, set this field to an empty slice, i.e.
- `taints: []` in the YAML file. This field is
- solely used for Node registration.'
- items:
- description: The node this Taint is attached
- to has the "effect" on any pod that does not
- tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the
- taint on pods that do not tolerate the
- taint. Valid effects are NoSchedule, PreferNoSchedule
- and NoExecute.
- type: string
- key:
- description: Required. The taint key to
- be applied to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time
- at which the taint was added. It is only
- written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding
- to the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during
- "kubeadm init". The minimum kubernetes version needed
- to support Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory
- that contains files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or
- just "etcd.json". "target" can be one of "kube-apiserver",
- "kube-controller-manager", "kube-scheduler",
- "etcd". "patchtype" can be one of "strategic"
- "merge" or "json" and they match the patch formats
- supported by kubectl. The default "patchtype"
- is "strategic". "extension" must be either "json"
- or "yaml". "suffix" is an optional string that
- can be used to determine which patches are applied
- first alpha-numerically. These files can be
- written into the target directory via KubeadmConfig.Files
- which specifies additional files to be created
- on the machine, either with content inline or
- by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip
- during command execution. The list of phases can
- be obtained with the "kubeadm init --help" command.
- This option takes effect only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- joinConfiguration:
- description: JoinConfiguration is the kubeadm configuration
- for the join command
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema
- of this representation of an object. Servers should
- convert recognized schemas to the latest internal
- value, and may reject unrecognized values. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- caCertPath:
- description: 'CACertPath is the path to the SSL certificate
- authority used to secure comunications between node
- and control-plane. Defaults to "/etc/kubernetes/pki/ca.crt".
- TODO: revisit when there is defaulting from k/k'
- type: string
- controlPlane:
- description: ControlPlane defines the additional control
- plane instance to be deployed on the joining node.
- If nil, no additional control plane instance will
- be deployed.
- properties:
- localAPIEndpoint:
- description: LocalAPIEndpoint represents the endpoint
- of the API server instance to be deployed on
- this node.
- properties:
- advertiseAddress:
- description: AdvertiseAddress sets the IP
- address for the API server to advertise.
- type: string
- bindPort:
- description: BindPort sets the secure port
- for the API Server to bind to. Defaults
- to 6443.
- format: int32
- type: integer
- type: object
- type: object
- discovery:
- description: 'Discovery specifies the options for
- the kubelet to use during the TLS Bootstrap process
- TODO: revisit when there is defaulting from k/k'
- properties:
- bootstrapToken:
- description: BootstrapToken is used to set the
- options for bootstrap token based discovery
- BootstrapToken and File are mutually exclusive
- properties:
- apiServerEndpoint:
- description: APIServerEndpoint is an IP or
- domain name to the API server from which
- info will be fetched.
- type: string
- caCertHashes:
- description: 'CACertHashes specifies a set
- of public key pins to verify when token-based
- discovery is used. The root CA found during
- discovery must match one of these values.
- Specifying an empty set disables root CA
- pinning, which can be unsafe. Each hash
- is specified as "<type>:<value>", where
- the only currently supported type is "sha256".
- This is a hex-encoded SHA-256 hash of the
- Subject Public Key Info (SPKI) object in
- DER-encoded ASN.1. These hashes can be calculated
- using, for example, OpenSSL: openssl x509
- -pubkey -in ca.crt openssl rsa -pubin -outform
- der 2>&/dev/null | openssl dgst -sha256
- -hex'
- items:
- type: string
- type: array
- token:
- description: Token is a token used to validate
- cluster information fetched from the control-plane.
- type: string
- unsafeSkipCAVerification:
- description: UnsafeSkipCAVerification allows
- token-based discovery without CA verification
- via CACertHashes. This can weaken the security
- of kubeadm since other nodes can impersonate
- the control-plane.
- type: boolean
- required:
- - token
- type: object
- file:
- description: File is used to specify a file or
- URL to a kubeconfig file from which to load
- cluster information BootstrapToken and File
- are mutually exclusive
- properties:
- kubeConfigPath:
- description: KubeConfigPath is used to specify
- the actual file path or URL to the kubeconfig
- file from which to load cluster information
- type: string
- required:
- - kubeConfigPath
- type: object
- timeout:
- description: Timeout modifies the discovery timeout
- type: string
- tlsBootstrapToken:
- description: TLSBootstrapToken is a token used
- for TLS bootstrapping. If .BootstrapToken is
- set, this field is defaulted to .BootstrapToken.Token,
- but can be overridden. If .File is set, this
- field **must be set** in case the KubeConfigFile
- does not contain any other authentication information
- type: string
- type: object
- kind:
- description: 'Kind is a string value representing
- the REST resource this object represents. Servers
- may infer this from the endpoint the client submits
- requests to. Cannot be updated. In CamelCase. More
- info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- nodeRegistration:
- description: NodeRegistration holds fields that relate
- to registering the new control-plane node to the
- cluster. When used in the context of control plane
- nodes, NodeRegistration should remain consistent
- across both InitConfiguration and JoinConfiguration
- properties:
- criSocket:
- description: CRISocket is used to retrieve container
- runtime info. This information will be annotated
- to the Node API object, for later re-use
- type: string
- ignorePreflightErrors:
- description: IgnorePreflightErrors provides a
- slice of pre-flight errors to be ignored when
- the current node is registered.
- items:
- type: string
- type: array
- kubeletExtraArgs:
- additionalProperties:
- type: string
- description: KubeletExtraArgs passes through extra
- arguments to the kubelet. The arguments here
- are passed to the kubelet command line via the
- environment file kubeadm writes at runtime for
- the kubelet to source. This overrides the generic
- base-level configuration in the kubelet-config-1.X
- ConfigMap Flags have higher priority when parsing.
- These values are local and specific to the node
- kubeadm is executing on.
- type: object
- name:
- description: Name is the `.Metadata.Name` field
- of the Node API object that will be created
- in this `kubeadm init` or `kubeadm join` operation.
- This field is also used in the CommonName field
- of the kubelet's client certificate to the API
- server. Defaults to the hostname of the node
- if not provided.
- type: string
- taints:
- description: 'Taints specifies the taints the
- Node API object should be registered with. If
- this field is unset, i.e. nil, in the `kubeadm
- init` process it will be defaulted to []v1.Taint{''node-role.kubernetes.io/master=""''}.
- If you don''t want to taint your control-plane
- node, set this field to an empty slice, i.e.
- `taints: []` in the YAML file. This field is
- solely used for Node registration.'
- items:
- description: The node this Taint is attached
- to has the "effect" on any pod that does not
- tolerate the Taint.
- properties:
- effect:
- description: Required. The effect of the
- taint on pods that do not tolerate the
- taint. Valid effects are NoSchedule, PreferNoSchedule
- and NoExecute.
- type: string
- key:
- description: Required. The taint key to
- be applied to a node.
- type: string
- timeAdded:
- description: TimeAdded represents the time
- at which the taint was added. It is only
- written for NoExecute taints.
- format: date-time
- type: string
- value:
- description: The taint value corresponding
- to the taint key.
- type: string
- required:
- - effect
- - key
- type: object
- type: array
- type: object
- patches:
- description: Patches contains options related to applying
- patches to components deployed by kubeadm during
- "kubeadm join". The minimum kubernetes version needed
- to support Patches is v1.22
- properties:
- directory:
- description: Directory is a path to a directory
- that contains files named "target[suffix][+patchtype].extension".
- For example, "kube-apiserver0+merge.yaml" or
- just "etcd.json". "target" can be one of "kube-apiserver",
- "kube-controller-manager", "kube-scheduler",
- "etcd". "patchtype" can be one of "strategic"
- "merge" or "json" and they match the patch formats
- supported by kubectl. The default "patchtype"
- is "strategic". "extension" must be either "json"
- or "yaml". "suffix" is an optional string that
- can be used to determine which patches are applied
- first alpha-numerically. These files can be
- written into the target directory via KubeadmConfig.Files
- which specifies additional files to be created
- on the machine, either with content inline or
- by referencing a secret.
- type: string
- type: object
- skipPhases:
- description: SkipPhases is a list of phases to skip
- during command execution. The list of phases can
- be obtained with the "kubeadm init --help" command.
- This option takes effect only on Kubernetes >=1.22.0.
- items:
- type: string
- type: array
- type: object
- mounts:
- description: Mounts specifies a list of mount points to
- be setup.
- items:
- description: MountPoints defines input for generated
- mounts in cloud-init.
- items:
- type: string
- type: array
- type: array
- ntp:
- description: NTP specifies NTP configuration
- properties:
- enabled:
- description: Enabled specifies whether NTP should
- be enabled
- type: boolean
- servers:
- description: Servers specifies which NTP servers to
- use
- items:
- type: string
- type: array
- type: object
- postKubeadmCommands:
- description: PostKubeadmCommands specifies extra commands
- to run after kubeadm runs
- items:
- type: string
- type: array
- preKubeadmCommands:
- description: PreKubeadmCommands specifies extra commands
- to run before kubeadm runs
- items:
- type: string
- type: array
- useExperimentalRetryJoin:
- description: "UseExperimentalRetryJoin replaces a basic
- kubeadm command with a shell script with retries for
- joins. \n This is meant to be an experimental temporary
- workaround on some environments where joins fail due
- to timing (and other issues). The long term goal is
- to add retries to kubeadm proper and use that functionality.
- \n This will add about 40KB to userdata \n For more
- information, refer to https://github.com/kubernetes-sigs/cluster-api/pull/2763#discussion_r397306055.
- \n Deprecated: This experimental fix is no longer needed
- and this field will be removed in a future release.
- When removing also remove from staticcheck exclude-rules
- for SA1019 in golangci.yml"
- type: boolean
- users:
- description: Users specifies extra users to add
- items:
- description: User defines the input for a generated
- user in cloud-init.
- properties:
- gecos:
- description: Gecos specifies the gecos to use for
- the user
- type: string
- groups:
- description: Groups specifies the additional groups
- for the user
- type: string
- homeDir:
- description: HomeDir specifies the home directory
- to use for the user
- type: string
- inactive:
- description: Inactive specifies whether to mark
- the user as inactive
- type: boolean
- lockPassword:
- description: LockPassword specifies if password
- login should be disabled
- type: boolean
- name:
- description: Name specifies the user name
- type: string
- passwd:
- description: Passwd specifies a hashed password
- for the user
- type: string
- passwdFrom:
- description: PasswdFrom is a referenced source of
- passwd to populate the passwd.
- properties:
- secret:
- description: Secret represents a secret that
- should populate this password.
- properties:
- key:
- description: Key is the key in the secret's
- data map for this value.
- type: string
- name:
- description: Name of the secret in the KubeadmBootstrapConfig's
- namespace to use.
- type: string
- required:
- - key
- - name
- type: object
- required:
- - secret
- type: object
- primaryGroup:
- description: PrimaryGroup specifies the primary
- group for the user
- type: string
- shell:
- description: Shell specifies the user's shell
- type: string
- sshAuthorizedKeys:
- description: SSHAuthorizedKeys specifies a list
- of ssh authorized keys for the user
- items:
- type: string
- type: array
- sudo:
- description: Sudo specifies a sudo role for the
- user
- type: string
- required:
- - name
- type: object
- type: array
- verbosity:
- description: Verbosity is the number for the kubeadm log
- level verbosity. It overrides the `--v` flag in kubeadm
- commands.
- format: int32
- type: integer
- type: object
- machineTemplate:
- description: MachineTemplate contains information about how
- machines should be shaped when creating or updating a control
- plane.
- properties:
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the
- machine controller will attempt to delete the Node that
- the Machine hosts after the Machine is marked for deletion.
- A duration of 0 will retry deletion indefinitely. If
- no value is provided, the default value for this property
- of the Machine resource will be used.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of
- time that the controller will spend on draining a controlplane
- node The default value is 0, meaning that the node can
- be drained without any time limitations. NOTE: NodeDrainTimeout
- is different from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount
- of time that the controller will spend on waiting for
- all volumes to be detached. The default value is 0,
- meaning that the volumes can be detached without any
- time limitations.
- type: string
- type: object
- rolloutAfter:
- description: RolloutAfter is a field to indicate a rollout
- should be performed after the specified time even if no
- changes have been made to the KubeadmControlPlane.
- format: date-time
- type: string
- rolloutBefore:
- description: RolloutBefore is a field to indicate a rollout
- should be performed if the specified criteria is met.
- properties:
- certificatesExpiryDays:
- description: CertificatesExpiryDays indicates a rollout
- needs to be performed if the certificates of the machine
- will expire within the specified days.
- format: int32
- type: integer
- type: object
- rolloutStrategy:
- default:
- rollingUpdate:
- maxSurge: 1
- type: RollingUpdate
- description: The RolloutStrategy to use to replace control
- plane machines with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only
- if RolloutStrategyType = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of control planes
- that can be scheduled above or under the desired
- number of control planes. Value can be an absolute
- number 1 or 0. Defaults to 1. Example: when this
- is set to 1, the control plane can be scaled up
- immediately when the rolling update starts.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of rollout. Currently the only supported
- strategy is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- required:
- - kubeadmConfigSpec
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-manager
- namespace: capi-kubeadm-control-plane-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-leader-election-role
- namespace: capi-kubeadm-control-plane-system
-rules:
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
----
-aggregationRule:
- clusterRoleSelectors:
- - matchLabels:
- kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true"
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-system-capi-kubeadm-control-plane-aggregated-manager-role
-rules: []
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- kubeadm.controlplane.cluster.x-k8s.io/aggregate-to-manager: "true"
- name: capi-kubeadm-control-plane-system-capi-kubeadm-control-plane-manager-role
-rules:
-- apiGroups:
- - apiextensions.k8s.io
- resources:
- - customresourcedefinitions
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - bootstrap.cluster.x-k8s.io
- - controlplane.cluster.x-k8s.io
- - infrastructure.cluster.x-k8s.io
- resources:
- - '*'
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- - clusters/status
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machines
- - machines/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - get
- - list
- - patch
- - watch
-- apiGroups:
- - ""
- resources:
- - secrets
- verbs:
- - create
- - get
- - list
- - patch
- - update
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-leader-election-rolebinding
- namespace: capi-kubeadm-control-plane-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: capi-kubeadm-control-plane-leader-election-role
-subjects:
-- kind: ServiceAccount
- name: capi-kubeadm-control-plane-manager
- namespace: capi-kubeadm-control-plane-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-system-capi-kubeadm-control-plane-manager-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: capi-kubeadm-control-plane-system-capi-kubeadm-control-plane-aggregated-manager-role
-subjects:
-- kind: ServiceAccount
- name: capi-kubeadm-control-plane-manager
- namespace: capi-kubeadm-control-plane-system
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
-spec:
- ports:
- - port: 443
- targetPort: webhook-server
- selector:
- cluster.x-k8s.io/provider: control-plane-kubeadm
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-kubeadm-control-plane-controller-manager
- namespace: capi-kubeadm-control-plane-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- control-plane: controller-manager
- strategy: {}
- template:
- metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- control-plane: controller-manager
- spec:
- containers:
- - args:
- - --leader-elect
- - --metrics-bind-addr=localhost:8080
- - --feature-gates=ClusterTopology=true,KubeadmBootstrapFormatIgnition=false
- command:
- - /manager
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- image: registry.k8s.io/cluster-api/kubeadm-control-plane-controller:v1.3.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9443
- name: webhook-server
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources: {}
- volumeMounts:
- - mountPath: /tmp/k8s-webhook-server/serving-certs
- name: cert
- readOnly: true
- serviceAccountName: capi-kubeadm-control-plane-manager
- terminationGracePeriodSeconds: 10
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
- - effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
- volumes:
- - name: cert
- secret:
- secretName: capi-kubeadm-control-plane-webhook-service-cert
-status: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-serving-cert
- namespace: capi-kubeadm-control-plane-system
-spec:
- dnsNames:
- - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc
- - capi-kubeadm-control-plane-webhook-service.capi-kubeadm-control-plane-system.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: capi-kubeadm-control-plane-selfsigned-issuer
- secretName: capi-kubeadm-control-plane-webhook-service-cert
- subject:
- organizations:
- - k8s-sig-cluster-lifecycle
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-selfsigned-issuer
- namespace: capi-kubeadm-control-plane-system
-spec:
- selfSigned: {}
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-mutating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.kubeadmcontrolplane.controlplane.cluster.x-k8s.io
- rules:
- - apiGroups:
- - controlplane.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmcontrolplanes
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /mutate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate
- failurePolicy: Fail
- name: default.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io
- rules:
- - apiGroups:
- - controlplane.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmcontrolplanetemplates
- sideEffects: None
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-kubeadm-control-plane-system/capi-kubeadm-control-plane-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: control-plane-kubeadm
- clusterctl.cluster.x-k8s.io: ""
- name: capi-kubeadm-control-plane-validating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.kubeadmcontrolplane.controlplane.cluster.x-k8s.io
- rules:
- - apiGroups:
- - controlplane.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmcontrolplanes
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /validate-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplanetemplate
- failurePolicy: Fail
- name: validation.kubeadmcontrolplanetemplate.controlplane.cluster.x-k8s.io
- rules:
- - apiGroups:
- - controlplane.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - kubeadmcontrolplanetemplates
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-kubeadm-control-plane-webhook-service
- namespace: capi-kubeadm-control-plane-system
- path: /validate-scale-controlplane-cluster-x-k8s-io-v1beta1-kubeadmcontrolplane
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation-scale.kubeadmcontrolplane.controlplane.cluster.x-k8s.io
- rules:
- - apiGroups:
- - controlplane.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - UPDATE
- resources:
- - kubeadmcontrolplanes/scale
- sideEffects: None
diff --git a/atmosphere/operator/manifests/capi-core.yml b/atmosphere/operator/manifests/capi-core.yml
deleted file mode 100644
index 512a675..0000000
--- a/atmosphere/operator/manifests/capi-core.yml
+++ /dev/null
@@ -1,11515 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-system
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: clusterclasses.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: ClusterClass
- listKind: ClusterClassList
- plural: clusterclasses
- shortNames:
- - cc
- singular: clusterclass
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterClass
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: ClusterClass is a template which can be used to create managed
- topologies.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterClassSpec describes the desired state of the ClusterClass.
- properties:
- controlPlane:
- description: ControlPlane is a reference to a local struct that holds
- the details for provisioning the Control Plane for the Cluster.
- properties:
- machineInfrastructure:
- description: "MachineTemplate defines the metadata and infrastructure
- information for control plane machines. \n This field is supported
- if and only if the control plane provider template referenced
- above is Machine based and supports setting replicas."
- properties:
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- metadata:
- description: "Metadata is the metadata applied to the machines
- of the ControlPlane. At runtime this metadata is merged with
- the corresponding metadata from the topology. \n This field
- is supported if and only if the control plane provider template
- referenced is Machine based."
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- infrastructure:
- description: Infrastructure is a reference to a provider-specific
- template that holds the details for provisioning infrastructure
- specific cluster for the underlying provider. The underlying provider
- is responsible for the implementation of the template to an infrastructure
- cluster.
- properties:
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- workers:
- description: Workers describes the worker nodes for the cluster. It
- is a collection of node types which can be used to create the worker
- nodes of the cluster.
- properties:
- machineDeployments:
- description: MachineDeployments is a list of machine deployment
- classes that can be used to create a set of worker nodes.
- items:
- description: MachineDeploymentClass serves as a template to
- define a set of worker nodes of the cluster provisioned using
- the `ClusterClass`.
- properties:
- class:
- description: Class denotes a type of worker node present
- in the cluster, this name MUST be unique within a ClusterClass
- and can be referenced in the Cluster to create a managed
- MachineDeployment.
- type: string
- template:
- description: Template is a local struct containing a collection
- of templates for creation of MachineDeployment objects
- representing a set of worker nodes.
- properties:
- bootstrap:
- description: Bootstrap contains the bootstrap template
- reference to be used for the creation of worker Machines.
- properties:
- ref:
- description: Ref is a required reference to a custom
- resource offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an
- object instead of an entire object, this string
- should contain a valid JSON/Go field access
- statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to
- a container within a pod, this would take
- on a value like: "spec.containers{name}" (where
- "name" refers to the name of the container
- that triggered the event) or if no container
- name is specified "spec.containers[2]" (container
- with index 2 in this pod). This syntax is
- chosen only to have some well-defined way
- of referencing a part of an object. TODO:
- this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- infrastructure:
- description: Infrastructure contains the infrastructure
- template reference to be used for the creation of
- worker Machines.
- properties:
- ref:
- description: Ref is a required reference to a custom
- resource offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an
- object instead of an entire object, this string
- should contain a valid JSON/Go field access
- statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to
- a container within a pod, this would take
- on a value like: "spec.containers{name}" (where
- "name" refers to the name of the container
- that triggered the event) or if no container
- name is specified "spec.containers[2]" (container
- with index 2 in this pod). This syntax is
- chosen only to have some well-defined way
- of referencing a part of an object. TODO:
- this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- metadata:
- description: Metadata is the metadata applied to the
- machines of the MachineDeployment. At runtime this
- metadata is merged with the corresponding metadata
- from the topology.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key
- value map stored with a resource that may be set
- by external tools to store and retrieve arbitrary
- metadata. They are not queryable and should be
- preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that
- can be used to organize and categorize (scope
- and select) objects. May match selectors of replication
- controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- required:
- - bootstrap
- - infrastructure
- type: object
- required:
- - class
- - template
- type: object
- type: array
- type: object
- type: object
- type: object
- served: true
- storage: false
- subresources: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterClass
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: ClusterClass is a template which can be used to create managed
- topologies.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterClassSpec describes the desired state of the ClusterClass.
- properties:
- controlPlane:
- description: ControlPlane is a reference to a local struct that holds
- the details for provisioning the Control Plane for the Cluster.
- properties:
- machineHealthCheck:
- description: MachineHealthCheck defines a MachineHealthCheck for
- this ControlPlaneClass. This field is supported if and only
- if the ControlPlane provider template referenced above is Machine
- based and supports setting replicas.
- properties:
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed if at
- most "MaxUnhealthy" machines selected by "selector" are
- not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without a node
- will be considered to have failed and will be remediated.
- If you wish to disable this feature, set the value explicitly
- to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to a remediation
- template provided by an infrastructure provider. \n This
- field is completely optional, when filled, the MachineHealthCheck
- controller creates a new object from the template referenced
- and hands off remediation of the machine to a controller
- that lives outside of Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of the conditions
- that determine whether a node is considered unhealthy. The
- conditions are combined in a logical OR, i.e. if any of
- the conditions is met, the node is unhealthy.
- items:
- description: UnhealthyCondition represents a Node condition
- type and value with a timeout specified as a duration. When
- the named condition has been in the given status for at
- least the timeout value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed if the
- number of machines selected by "selector" as not healthy
- is within the range of "UnhealthyRange". Takes precedence
- over MaxUnhealthy. Eg. "[3-5]" - This means that remediation
- will be allowed only when: (a) there are at least 3 unhealthy
- machines (and) (b) there are at most 5 unhealthy machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- type: object
- machineInfrastructure:
- description: "MachineInfrastructure defines the metadata and infrastructure
- information for control plane machines. \n This field is supported
- if and only if the control plane provider template referenced
- above is Machine based and supports setting replicas."
- properties:
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- metadata:
- description: "Metadata is the metadata applied to the machines
- of the ControlPlane. At runtime this metadata is merged with
- the corresponding metadata from the topology. \n This field
- is supported if and only if the control plane provider template
- referenced is Machine based."
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- nodeDeletionTimeout:
- description: 'NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts after
- the Machine is marked for deletion. A duration of 0 will retry
- deletion indefinitely. Defaults to 10 seconds. NOTE: This value
- can be overridden while defining a Cluster.Topology.'
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that
- the controller will spend on draining a node. The default value
- is 0, meaning that the node can be drained without any time
- limitations. NOTE: NodeDrainTimeout is different from `kubectl
- drain --timeout` NOTE: This value can be overridden while defining
- a Cluster.Topology.'
- type: string
- nodeVolumeDetachTimeout:
- description: 'NodeVolumeDetachTimeout is the total amount of time
- that the controller will spend on waiting for all volumes to
- be detached. The default value is 0, meaning that the volumes
- can be detached without any time limitations. NOTE: This value
- can be overridden while defining a Cluster.Topology.'
- type: string
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- infrastructure:
- description: Infrastructure is a reference to a provider-specific
- template that holds the details for provisioning infrastructure
- specific cluster for the underlying provider. The underlying provider
- is responsible for the implementation of the template to an infrastructure
- cluster.
- properties:
- ref:
- description: Ref is a required reference to a custom resource
- offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- patches:
- description: 'Patches defines the patches which are applied to customize
- referenced templates of a ClusterClass. Note: Patches will be applied
- in the order of the array.'
- items:
- description: ClusterClassPatch defines a patch which is applied
- to customize the referenced templates.
- properties:
- definitions:
- description: 'Definitions define inline patches. Note: Patches
- will be applied in the order of the array. Note: Exactly one
- of Definitions or External must be set.'
- items:
- description: PatchDefinition defines a patch which is applied
- to customize the referenced templates.
- properties:
- jsonPatches:
- description: 'JSONPatches defines the patches which should
- be applied on the templates matching the selector. Note:
- Patches will be applied in the order of the array.'
- items:
- description: JSONPatch defines a JSON patch.
- properties:
- op:
- description: 'Op defines the operation of the patch.
- Note: Only `add`, `replace` and `remove` are supported.'
- type: string
- path:
- description: 'Path defines the path of the patch.
- Note: Only the spec of a template can be patched,
- thus the path has to start with /spec/. Note:
- For now the only allowed array modifications are
- `append` and `prepend`, i.e.: * for op: `add`:
- only index 0 (prepend) and - (append) are allowed
- * for op: `replace` or `remove`: no indexes are
- allowed'
- type: string
- value:
- description: 'Value defines the value of the patch.
- Note: Either Value or ValueFrom is required for
- add and replace operations. Only one of them is
- allowed to be set at the same time. Note: We have
- to use apiextensionsv1.JSON instead of our JSON
- type, because controller-tools has a hard-coded
- schema for apiextensionsv1.JSON which cannot be
- produced by another type (unset type field). Ref:
- https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111'
- x-kubernetes-preserve-unknown-fields: true
- valueFrom:
- description: 'ValueFrom defines the value of the
- patch. Note: Either Value or ValueFrom is required
- for add and replace operations. Only one of them
- is allowed to be set at the same time.'
- properties:
- template:
- description: 'Template is the Go template to
- be used to calculate the value. A template
- can reference variables defined in .spec.variables
- and builtin variables. Note: The template
- must evaluate to a valid YAML or JSON value.'
- type: string
- variable:
- description: Variable is the variable to be
- used as value. Variable can be one of the
- variables defined in .spec.variables or a
- builtin variable.
- type: string
- type: object
- required:
- - op
- - path
- type: object
- type: array
- selector:
- description: Selector defines on which templates the patch
- should be applied.
- properties:
- apiVersion:
- description: APIVersion filters templates by apiVersion.
- type: string
- kind:
- description: Kind filters templates by kind.
- type: string
- matchResources:
- description: MatchResources selects templates based
- on where they are referenced.
- properties:
- controlPlane:
- description: 'ControlPlane selects templates referenced
- in .spec.ControlPlane. Note: this will match
- the controlPlane and also the controlPlane machineInfrastructure
- (depending on the kind and apiVersion).'
- type: boolean
- infrastructureCluster:
- description: InfrastructureCluster selects templates
- referenced in .spec.infrastructure.
- type: boolean
- machineDeploymentClass:
- description: MachineDeploymentClass selects templates
- referenced in specific MachineDeploymentClasses
- in .spec.workers.machineDeployments.
- properties:
- names:
- description: Names selects templates by class
- names.
- items:
- type: string
- type: array
- type: object
- type: object
- required:
- - apiVersion
- - kind
- - matchResources
- type: object
- required:
- - jsonPatches
- - selector
- type: object
- type: array
- description:
- description: Description is a human-readable description of
- this patch.
- type: string
- enabledIf:
- description: EnabledIf is a Go template to be used to calculate
- if a patch should be enabled. It can reference variables defined
- in .spec.variables and builtin variables. The patch will be
- enabled if the template evaluates to `true`, otherwise it
- will be disabled. If EnabledIf is not set, the patch will
- be enabled per default.
- type: string
- external:
- description: 'External defines an external patch. Note: Exactly
- one of Definitions or External must be set.'
- properties:
- generateExtension:
- description: GenerateExtension references an extension which
- is called to generate patches.
- type: string
- validateExtension:
- description: ValidateExtension references an extension which
- is called to validate the topology.
- type: string
- type: object
- name:
- description: Name of the patch.
- type: string
- required:
- - name
- type: object
- type: array
- variables:
- description: Variables defines the variables which can be configured
- in the Cluster topology and are then used in patches.
- items:
- description: ClusterClassVariable defines a variable which can be
- configured in the Cluster topology and used in patches.
- properties:
- name:
- description: Name of the variable.
- type: string
- required:
- description: 'Required specifies if the variable is required.
- Note: this applies to the variable as a whole and thus the
- top-level object defined in the schema. If nested fields are
- required, this will be specified inside the schema.'
- type: boolean
- schema:
- description: Schema defines the schema of the variable.
- properties:
- openAPIV3Schema:
- description: OpenAPIV3Schema defines the schema of a variable
- via OpenAPI v3 schema. The schema is a subset of the schema
- used in Kubernetes CRDs.
- properties:
- additionalProperties:
- description: 'AdditionalProperties specifies the schema
- of values in a map (keys are always strings). NOTE:
- Can only be set if type is object. NOTE: AdditionalProperties
- is mutually exclusive with Properties. NOTE: This
- field uses PreserveUnknownFields and Schemaless, because
- recursive validation is not possible.'
- x-kubernetes-preserve-unknown-fields: true
- default:
- description: 'Default is the default value of the variable.
- NOTE: Can be set for all types.'
- x-kubernetes-preserve-unknown-fields: true
- description:
- description: Description is a human-readable description
- of this variable.
- type: string
- enum:
- description: 'Enum is the list of valid values of the
- variable. NOTE: Can be set for all types.'
- items:
- x-kubernetes-preserve-unknown-fields: true
- type: array
- example:
- description: Example is an example for this variable.
- x-kubernetes-preserve-unknown-fields: true
- exclusiveMaximum:
- description: 'ExclusiveMaximum specifies if the Maximum
- is exclusive. NOTE: Can only be set if type is integer
- or number.'
- type: boolean
- exclusiveMinimum:
- description: 'ExclusiveMinimum specifies if the Minimum
- is exclusive. NOTE: Can only be set if type is integer
- or number.'
- type: boolean
- format:
- description: 'Format is an OpenAPI v3 format string.
- Unknown formats are ignored. For a list of supported
- formats please see: (of the k8s.io/apiextensions-apiserver
- version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go
- NOTE: Can only be set if type is string.'
- type: string
- items:
- description: 'Items specifies fields of an array. NOTE:
- Can only be set if type is array. NOTE: This field
- uses PreserveUnknownFields and Schemaless, because
- recursive validation is not possible.'
- x-kubernetes-preserve-unknown-fields: true
- maxItems:
- description: 'MaxItems is the max length of an array
- variable. NOTE: Can only be set if type is array.'
- format: int64
- type: integer
- maxLength:
- description: 'MaxLength is the max length of a string
- variable. NOTE: Can only be set if type is string.'
- format: int64
- type: integer
- maximum:
- description: 'Maximum is the maximum of an integer or
- number variable. If ExclusiveMaximum is false, the
- variable is valid if it is lower than, or equal to,
- the value of Maximum. If ExclusiveMaximum is true,
- the variable is valid if it is strictly lower than
- the value of Maximum. NOTE: Can only be set if type
- is integer or number.'
- format: int64
- type: integer
- minItems:
- description: 'MinItems is the min length of an array
- variable. NOTE: Can only be set if type is array.'
- format: int64
- type: integer
- minLength:
- description: 'MinLength is the min length of a string
- variable. NOTE: Can only be set if type is string.'
- format: int64
- type: integer
- minimum:
- description: 'Minimum is the minimum of an integer or
- number variable. If ExclusiveMinimum is false, the
- variable is valid if it is greater than, or equal
- to, the value of Minimum. If ExclusiveMinimum is true,
- the variable is valid if it is strictly greater than
- the value of Minimum. NOTE: Can only be set if type
- is integer or number.'
- format: int64
- type: integer
- pattern:
- description: 'Pattern is the regex which a string variable
- must match. NOTE: Can only be set if type is string.'
- type: string
- properties:
- description: 'Properties specifies fields of an object.
- NOTE: Can only be set if type is object. NOTE: Properties
- is mutually exclusive with AdditionalProperties. NOTE:
- This field uses PreserveUnknownFields and Schemaless,
- because recursive validation is not possible.'
- x-kubernetes-preserve-unknown-fields: true
- required:
- description: 'Required specifies which fields of an
- object are required. NOTE: Can only be set if type
- is object.'
- items:
- type: string
- type: array
- type:
- description: 'Type is the type of the variable. Valid
- values are: object, array, string, integer, number
- or boolean.'
- type: string
- uniqueItems:
- description: 'UniqueItems specifies if items in an array
- must be unique. NOTE: Can only be set if type is array.'
- type: boolean
- x-kubernetes-preserve-unknown-fields:
- description: XPreserveUnknownFields allows setting fields
- in a variable object which are not defined in the
- variable schema. This affects fields recursively,
- except if nested properties or additionalProperties
- are specified in the schema.
- type: boolean
- required:
- - type
- type: object
- required:
- - openAPIV3Schema
- type: object
- required:
- - name
- - required
- - schema
- type: object
- type: array
- workers:
- description: Workers describes the worker nodes for the cluster. It
- is a collection of node types which can be used to create the worker
- nodes of the cluster.
- properties:
- machineDeployments:
- description: MachineDeployments is a list of machine deployment
- classes that can be used to create a set of worker nodes.
- items:
- description: MachineDeploymentClass serves as a template to
- define a set of worker nodes of the cluster provisioned using
- the `ClusterClass`.
- properties:
- class:
- description: Class denotes a type of worker node present
- in the cluster, this name MUST be unique within a ClusterClass
- and can be referenced in the Cluster to create a managed
- MachineDeployment.
- type: string
- failureDomain:
- description: 'FailureDomain is the failure domain the machines
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object. NOTE: This value can
- be overridden while defining a Cluster.Topology using
- this MachineDeploymentClass.'
- type: string
- machineHealthCheck:
- description: MachineHealthCheck defines a MachineHealthCheck
- for this MachineDeploymentClass.
- properties:
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed
- if at most "MaxUnhealthy" machines selected by "selector"
- are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without
- a node will be considered to have failed and will
- be remediated. If you wish to disable this feature,
- set the value explicitly to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to
- a remediation template provided by an infrastructure
- provider. \n This field is completely optional, when
- filled, the MachineHealthCheck controller creates
- a new object from the template referenced and hands
- off remediation of the machine to a controller that
- lives outside of Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like:
- "spec.containers{name}" (where "name" refers to
- the name of the container that triggered the event)
- or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax
- is chosen only to have some well-defined way of
- referencing a part of an object. TODO: this design
- is not final and this field is subject to change
- in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of
- the conditions that determine whether a node is considered
- unhealthy. The conditions are combined in a logical
- OR, i.e. if any of the conditions is met, the node
- is unhealthy.
- items:
- description: UnhealthyCondition represents a Node
- condition type and value with a timeout specified
- as a duration. When the named condition has been
- in the given status for at least the timeout value,
- a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed
- if the number of machines selected by "selector" as
- not healthy is within the range of "UnhealthyRange".
- Takes precedence over MaxUnhealthy. Eg. "[3-5]" -
- This means that remediation will be allowed only when:
- (a) there are at least 3 unhealthy machines (and)
- (b) there are at most 5 unhealthy machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- type: object
- minReadySeconds:
- description: 'Minimum number of seconds for which a newly
- created machine should be ready. Defaults to 0 (machine
- will be considered available as soon as it is ready) NOTE:
- This value can be overridden while defining a Cluster.Topology
- using this MachineDeploymentClass.'
- format: int32
- type: integer
- nodeDeletionTimeout:
- description: 'NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts
- after the Machine is marked for deletion. A duration of
- 0 will retry deletion indefinitely. Defaults to 10 seconds.
- NOTE: This value can be overridden while defining a Cluster.Topology
- using this MachineDeploymentClass.'
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The
- default value is 0, meaning that the node can be drained
- without any time limitations. NOTE: NodeDrainTimeout is
- different from `kubectl drain --timeout` NOTE: This value
- can be overridden while defining a Cluster.Topology using
- this MachineDeploymentClass.'
- type: string
- nodeVolumeDetachTimeout:
- description: 'NodeVolumeDetachTimeout is the total amount
- of time that the controller will spend on waiting for
- all volumes to be detached. The default value is 0, meaning
- that the volumes can be detached without any time limitations.
- NOTE: This value can be overridden while defining a Cluster.Topology
- using this MachineDeploymentClass.'
- type: string
- strategy:
- description: 'The deployment strategy to use to replace
- existing machines with new ones. NOTE: This value can
- be overridden while defining a Cluster.Topology using
- this MachineDeploymentClass.'
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only
- if MachineDeploymentStrategyType = RollingUpdate.
- properties:
- deletePolicy:
- description: DeletePolicy defines the policy used
- by the MachineDeployment to identify nodes to
- delete when downscaling. Valid values are "Random,
- "Newest", "Oldest" When no value is supplied,
- the default DeletePolicy of MachineSet is used
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that
- can be scheduled above the desired number of machines.
- Value can be an absolute number (ex: 5) or a percentage
- of desired machines (ex: 10%). This can not be
- 0 if MaxUnavailable is 0. Absolute number is calculated
- from percentage by rounding up. Defaults to 1.
- Example: when this is set to 30%, the new MachineSet
- can be scaled up immediately when the rolling
- update starts, such that the total number of old
- and new machines do not exceed 130% of desired
- machines. Once old machines have been killed,
- new MachineSet can be scaled up further, ensuring
- that total number of machines running at any time
- during the update is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that
- can be unavailable during the update. Value can
- be an absolute number (ex: 5) or a percentage
- of desired machines (ex: 10%). Absolute number
- is calculated from percentage by rounding down.
- This can not be 0 if MaxSurge is 0. Defaults to
- 0. Example: when this is set to 30%, the old MachineSet
- can be scaled down to 70% of desired machines
- immediately when the rolling update starts. Once
- new machines are ready, old MachineSet can be
- scaled down further, followed by scaling up the
- new MachineSet, ensuring that the total number
- of machines available at all times during the
- update is at least 70% of desired machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Default is RollingUpdate.
- enum:
- - RollingUpdate
- - OnDelete
- type: string
- type: object
- template:
- description: Template is a local struct containing a collection
- of templates for creation of MachineDeployment objects
- representing a set of worker nodes.
- properties:
- bootstrap:
- description: Bootstrap contains the bootstrap template
- reference to be used for the creation of worker Machines.
- properties:
- ref:
- description: Ref is a required reference to a custom
- resource offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an
- object instead of an entire object, this string
- should contain a valid JSON/Go field access
- statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to
- a container within a pod, this would take
- on a value like: "spec.containers{name}" (where
- "name" refers to the name of the container
- that triggered the event) or if no container
- name is specified "spec.containers[2]" (container
- with index 2 in this pod). This syntax is
- chosen only to have some well-defined way
- of referencing a part of an object. TODO:
- this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- infrastructure:
- description: Infrastructure contains the infrastructure
- template reference to be used for the creation of
- worker Machines.
- properties:
- ref:
- description: Ref is a required reference to a custom
- resource offered by a provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an
- object instead of an entire object, this string
- should contain a valid JSON/Go field access
- statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to
- a container within a pod, this would take
- on a value like: "spec.containers{name}" (where
- "name" refers to the name of the container
- that triggered the event) or if no container
- name is specified "spec.containers[2]" (container
- with index 2 in this pod). This syntax is
- chosen only to have some well-defined way
- of referencing a part of an object. TODO:
- this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - ref
- type: object
- metadata:
- description: Metadata is the metadata applied to the
- machines of the MachineDeployment. At runtime this
- metadata is merged with the corresponding metadata
- from the topology.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key
- value map stored with a resource that may be set
- by external tools to store and retrieve arbitrary
- metadata. They are not queryable and should be
- preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that
- can be used to organize and categorize (scope
- and select) objects. May match selectors of replication
- controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- required:
- - bootstrap
- - infrastructure
- type: object
- required:
- - class
- - template
- type: object
- type: array
- type: object
- type: object
- status:
- description: ClusterClassStatus defines the observed state of the ClusterClass.
- properties:
- conditions:
- description: Conditions defines current observed state of the ClusterClass.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: clusterresourcesetbindings.addons.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: addons.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: ClusterResourceSetBinding
- listKind: ClusterResourceSetBindingList
- plural: clusterresourcesetbindings
- singular: clusterresourcesetbinding
- scope: Namespaced
- versions:
- - name: v1alpha3
- schema:
- openAPIV3Schema:
- description: ClusterResourceSetBinding lists all matching ClusterResourceSets
- with the cluster it belongs to.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetBindingSpec defines the desired state of
- ClusterResourceSetBinding.
- properties:
- bindings:
- description: Bindings is a list of ClusterResourceSets and their resources.
- items:
- description: ResourceSetBinding keeps info on all of the resources
- in a ClusterResourceSet.
- properties:
- clusterResourceSetName:
- description: ClusterResourceSetName is the name of the ClusterResourceSet
- that is applied to the owner cluster of the binding.
- type: string
- resources:
- description: Resources is a list of resources that the ClusterResourceSet
- has.
- items:
- description: ResourceBinding shows the status of a resource
- that belongs to a ClusterResourceSet matched by the owner
- cluster of the ClusterResourceSetBinding object.
- properties:
- applied:
- description: Applied is to track if a resource is applied
- to the cluster or not.
- type: boolean
- hash:
- description: Hash is the hash of a resource's data. This
- can be used to decide if a resource is changed. For
- "ApplyOnce" ClusterResourceSet.spec.strategy, this is
- no-op as that strategy does not act on change.
- type: string
- kind:
- description: 'Kind of the resource. Supported kinds are:
- Secrets and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- lastAppliedTime:
- description: LastAppliedTime identifies when this resource
- was last applied to the cluster.
- format: date-time
- type: string
- name:
- description: Name of the resource that is in the same
- namespace with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - applied
- - kind
- - name
- type: object
- type: array
- required:
- - clusterResourceSetName
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterResourceSetBinding
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: ClusterResourceSetBinding lists all matching ClusterResourceSets
- with the cluster it belongs to.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetBindingSpec defines the desired state of
- ClusterResourceSetBinding.
- properties:
- bindings:
- description: Bindings is a list of ClusterResourceSets and their resources.
- items:
- description: ResourceSetBinding keeps info on all of the resources
- in a ClusterResourceSet.
- properties:
- clusterResourceSetName:
- description: ClusterResourceSetName is the name of the ClusterResourceSet
- that is applied to the owner cluster of the binding.
- type: string
- resources:
- description: Resources is a list of resources that the ClusterResourceSet
- has.
- items:
- description: ResourceBinding shows the status of a resource
- that belongs to a ClusterResourceSet matched by the owner
- cluster of the ClusterResourceSetBinding object.
- properties:
- applied:
- description: Applied is to track if a resource is applied
- to the cluster or not.
- type: boolean
- hash:
- description: Hash is the hash of a resource's data. This
- can be used to decide if a resource is changed. For
- "ApplyOnce" ClusterResourceSet.spec.strategy, this is
- no-op as that strategy does not act on change.
- type: string
- kind:
- description: 'Kind of the resource. Supported kinds are:
- Secrets and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- lastAppliedTime:
- description: LastAppliedTime identifies when this resource
- was last applied to the cluster.
- format: date-time
- type: string
- name:
- description: Name of the resource that is in the same
- namespace with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - applied
- - kind
- - name
- type: object
- type: array
- required:
- - clusterResourceSetName
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterResourceSetBinding
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: ClusterResourceSetBinding lists all matching ClusterResourceSets
- with the cluster it belongs to.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetBindingSpec defines the desired state of
- ClusterResourceSetBinding.
- properties:
- bindings:
- description: Bindings is a list of ClusterResourceSets and their resources.
- items:
- description: ResourceSetBinding keeps info on all of the resources
- in a ClusterResourceSet.
- properties:
- clusterResourceSetName:
- description: ClusterResourceSetName is the name of the ClusterResourceSet
- that is applied to the owner cluster of the binding.
- type: string
- resources:
- description: Resources is a list of resources that the ClusterResourceSet
- has.
- items:
- description: ResourceBinding shows the status of a resource
- that belongs to a ClusterResourceSet matched by the owner
- cluster of the ClusterResourceSetBinding object.
- properties:
- applied:
- description: Applied is to track if a resource is applied
- to the cluster or not.
- type: boolean
- hash:
- description: Hash is the hash of a resource's data. This
- can be used to decide if a resource is changed. For
- "ApplyOnce" ClusterResourceSet.spec.strategy, this is
- no-op as that strategy does not act on change.
- type: string
- kind:
- description: 'Kind of the resource. Supported kinds are:
- Secrets and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- lastAppliedTime:
- description: LastAppliedTime identifies when this resource
- was last applied to the cluster.
- format: date-time
- type: string
- name:
- description: Name of the resource that is in the same
- namespace with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - applied
- - kind
- - name
- type: object
- type: array
- required:
- - clusterResourceSetName
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: clusterresourcesets.addons.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: addons.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: ClusterResourceSet
- listKind: ClusterResourceSetList
- plural: clusterresourcesets
- singular: clusterresourceset
- scope: Namespaced
- versions:
- - name: v1alpha3
- schema:
- openAPIV3Schema:
- description: ClusterResourceSet is the Schema for the clusterresourcesets
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet.
- properties:
- clusterSelector:
- description: Label selector for Clusters. The Clusters that are selected
- by this will be the ones affected by this ClusterResourceSet. It
- must match the Cluster labels. This field is immutable.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- resources:
- description: Resources is a list of Secrets/ConfigMaps where each
- contains 1 or more resources to be applied to remote clusters.
- items:
- description: ResourceRef specifies a resource.
- properties:
- kind:
- description: 'Kind of the resource. Supported kinds are: Secrets
- and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: Name of the resource that is in the same namespace
- with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- strategy:
- description: Strategy is the strategy to be used during applying resources.
- Defaults to ApplyOnce. This field is immutable.
- enum:
- - ApplyOnce
- type: string
- required:
- - clusterSelector
- type: object
- status:
- description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet.
- properties:
- conditions:
- description: Conditions defines current state of the ClusterResourceSet.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed ClusterResourceSet.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterResourceSet
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: ClusterResourceSet is the Schema for the clusterresourcesets
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet.
- properties:
- clusterSelector:
- description: Label selector for Clusters. The Clusters that are selected
- by this will be the ones affected by this ClusterResourceSet. It
- must match the Cluster labels. This field is immutable. Label selector
- cannot be empty.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- resources:
- description: Resources is a list of Secrets/ConfigMaps where each
- contains 1 or more resources to be applied to remote clusters.
- items:
- description: ResourceRef specifies a resource.
- properties:
- kind:
- description: 'Kind of the resource. Supported kinds are: Secrets
- and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: Name of the resource that is in the same namespace
- with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- strategy:
- description: Strategy is the strategy to be used during applying resources.
- Defaults to ApplyOnce. This field is immutable.
- enum:
- - ApplyOnce
- type: string
- required:
- - clusterSelector
- type: object
- status:
- description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet.
- properties:
- conditions:
- description: Conditions defines current state of the ClusterResourceSet.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed ClusterResourceSet.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of ClusterResourceSet
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: ClusterResourceSet is the Schema for the clusterresourcesets
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet.
- properties:
- clusterSelector:
- description: Label selector for Clusters. The Clusters that are selected
- by this will be the ones affected by this ClusterResourceSet. It
- must match the Cluster labels. This field is immutable. Label selector
- cannot be empty.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- resources:
- description: Resources is a list of Secrets/ConfigMaps where each
- contains 1 or more resources to be applied to remote clusters.
- items:
- description: ResourceRef specifies a resource.
- properties:
- kind:
- description: 'Kind of the resource. Supported kinds are: Secrets
- and ConfigMaps.'
- enum:
- - Secret
- - ConfigMap
- type: string
- name:
- description: Name of the resource that is in the same namespace
- with ClusterResourceSet object.
- minLength: 1
- type: string
- required:
- - kind
- - name
- type: object
- type: array
- strategy:
- description: Strategy is the strategy to be used during applying resources.
- Defaults to ApplyOnce. This field is immutable.
- enum:
- - ApplyOnce
- type: string
- required:
- - clusterSelector
- type: object
- status:
- description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet.
- properties:
- conditions:
- description: Conditions defines current state of the ClusterResourceSet.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed ClusterResourceSet.
- format: int64
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: clusters.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: Cluster
- listKind: ClusterList
- plural: clusters
- shortNames:
- - cl
- singular: cluster
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed
- jsonPath: .status.phase
- name: Phase
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Cluster is the Schema for the clusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterSpec defines the desired state of Cluster.
- properties:
- clusterNetwork:
- description: Cluster network configuration.
- properties:
- apiServerPort:
- description: APIServerPort specifies the port the API Server should
- bind to. Defaults to 6443.
- format: int32
- type: integer
- pods:
- description: The network ranges from which Pod networks are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- serviceDomain:
- description: Domain name for services.
- type: string
- services:
- description: The network ranges from which service VIPs are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- type: object
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- controlPlaneRef:
- description: ControlPlaneRef is an optional reference to a provider-specific
- resource that holds the details for provisioning the Control Plane
- for a Cluster.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- infrastructureRef:
- description: InfrastructureRef is a reference to a provider-specific
- resource that holds the details for provisioning infrastructure
- for a cluster in said provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- paused:
- description: Paused can be used to prevent controllers from processing
- the Cluster and all its associated objects.
- type: boolean
- type: object
- status:
- description: ClusterStatus defines the observed state of Cluster.
- properties:
- conditions:
- description: Conditions defines current service state of the cluster.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- controlPlaneInitialized:
- description: ControlPlaneInitialized defines if the control plane
- has been initialized.
- type: boolean
- controlPlaneReady:
- description: ControlPlaneReady defines if the control plane is ready.
- type: boolean
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains is a slice of failure domain objects synced
- from the infrastructure provider.
- type: object
- failureMessage:
- description: FailureMessage indicates that there is a fatal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a fatal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of Cluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed
- jsonPath: .status.phase
- name: Phase
- type: string
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: Cluster is the Schema for the clusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterSpec defines the desired state of Cluster.
- properties:
- clusterNetwork:
- description: Cluster network configuration.
- properties:
- apiServerPort:
- description: APIServerPort specifies the port the API Server should
- bind to. Defaults to 6443.
- format: int32
- type: integer
- pods:
- description: The network ranges from which Pod networks are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- serviceDomain:
- description: Domain name for services.
- type: string
- services:
- description: The network ranges from which service VIPs are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- type: object
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- controlPlaneRef:
- description: ControlPlaneRef is an optional reference to a provider-specific
- resource that holds the details for provisioning the Control Plane
- for a Cluster.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- infrastructureRef:
- description: InfrastructureRef is a reference to a provider-specific
- resource that holds the details for provisioning infrastructure
- for a cluster in said provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- paused:
- description: Paused can be used to prevent controllers from processing
- the Cluster and all its associated objects.
- type: boolean
- topology:
- description: 'This encapsulates the topology for the cluster. NOTE:
- It is required to enable the ClusterTopology feature gate flag to
- activate managed topologies support; this feature is highly experimental,
- and parts of it might still be not implemented.'
- properties:
- class:
- description: The name of the ClusterClass object to create the
- topology.
- type: string
- controlPlane:
- description: ControlPlane describes the cluster control plane.
- properties:
- metadata:
- description: "Metadata is the metadata applied to the machines
- of the ControlPlane. At runtime this metadata is merged
- with the corresponding metadata from the ClusterClass. \n
- This field is supported if and only if the control plane
- provider template referenced in the ClusterClass is Machine
- based."
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata. They
- are not queryable and should be preserved when modifying
- objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be
- used to organize and categorize (scope and select) objects.
- May match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- replicas:
- description: Replicas is the number of control plane nodes.
- If the value is nil, the ControlPlane object is created
- without the number of Replicas and it's assumed that the
- control plane controller does not implement support for
- this field. When specified against a control plane provider
- that lacks support for this field, this value will be ignored.
- format: int32
- type: integer
- type: object
- rolloutAfter:
- description: RolloutAfter performs a rollout of the entire cluster
- one component at a time, control plane first and then machine
- deployments.
- format: date-time
- type: string
- version:
- description: The Kubernetes version of the cluster.
- type: string
- workers:
- description: Workers encapsulates the different constructs that
- form the worker nodes for the cluster.
- properties:
- machineDeployments:
- description: MachineDeployments is a list of machine deployments
- in the cluster.
- items:
- description: MachineDeploymentTopology specifies the different
- parameters for a set of worker nodes in the topology.
- This set of nodes is managed by a MachineDeployment object
- whose lifecycle is managed by the Cluster controller.
- properties:
- class:
- description: Class is the name of the MachineDeploymentClass
- used to create the set of worker nodes. This should
- match one of the deployment classes defined in the
- ClusterClass object mentioned in the `Cluster.Spec.Class`
- field.
- type: string
- metadata:
- description: Metadata is the metadata applied to the
- machines of the MachineDeployment. At runtime this
- metadata is merged with the corresponding metadata
- from the ClusterClass.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key
- value map stored with a resource that may be set
- by external tools to store and retrieve arbitrary
- metadata. They are not queryable and should be
- preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that
- can be used to organize and categorize (scope
- and select) objects. May match selectors of replication
- controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- name:
- description: Name is the unique identifier for this
- MachineDeploymentTopology. The value is used with
- other unique identifiers to create a MachineDeployment's
- Name (e.g. cluster's name, etc). In case the name
- is greater than the allowed maximum length, the values
- are hashed together.
- type: string
- replicas:
- description: Replicas is the number of worker nodes
- belonging to this set. If the value is nil, the MachineDeployment
- is created without the number of Replicas (defaulting
- to zero) and it's assumed that an external entity
- (like cluster autoscaler) is responsible for the management
- of this value.
- format: int32
- type: integer
- required:
- - class
- - name
- type: object
- type: array
- type: object
- required:
- - class
- - version
- type: object
- type: object
- status:
- description: ClusterStatus defines the observed state of Cluster.
- properties:
- conditions:
- description: Conditions defines current service state of the cluster.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- controlPlaneReady:
- description: ControlPlaneReady defines if the control plane is ready.
- type: boolean
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains is a slice of failure domain objects synced
- from the infrastructure provider.
- type: object
- failureMessage:
- description: FailureMessage indicates that there is a fatal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a fatal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Time duration since creation of Cluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this Cluster
- jsonPath: .spec.topology.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Cluster is the Schema for the clusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ClusterSpec defines the desired state of Cluster.
- properties:
- clusterNetwork:
- description: Cluster network configuration.
- properties:
- apiServerPort:
- description: APIServerPort specifies the port the API Server should
- bind to. Defaults to 6443.
- format: int32
- type: integer
- pods:
- description: The network ranges from which Pod networks are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- serviceDomain:
- description: Domain name for services.
- type: string
- services:
- description: The network ranges from which service VIPs are allocated.
- properties:
- cidrBlocks:
- items:
- type: string
- type: array
- required:
- - cidrBlocks
- type: object
- type: object
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- controlPlaneRef:
- description: ControlPlaneRef is an optional reference to a provider-specific
- resource that holds the details for provisioning the Control Plane
- for a Cluster.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- infrastructureRef:
- description: InfrastructureRef is a reference to a provider-specific
- resource that holds the details for provisioning infrastructure
- for a cluster in said provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- paused:
- description: Paused can be used to prevent controllers from processing
- the Cluster and all its associated objects.
- type: boolean
- topology:
- description: 'This encapsulates the topology for the cluster. NOTE:
- It is required to enable the ClusterTopology feature gate flag to
- activate managed topologies support; this feature is highly experimental,
- and parts of it might still be not implemented.'
- properties:
- class:
- description: The name of the ClusterClass object to create the
- topology.
- type: string
- controlPlane:
- description: ControlPlane describes the cluster control plane.
- properties:
- machineHealthCheck:
- description: MachineHealthCheck allows to enable, disable
- and override the MachineHealthCheck configuration in the
- ClusterClass for this control plane.
- properties:
- enable:
- description: "Enable controls if a MachineHealthCheck
- should be created for the target machines. \n If false:
- No MachineHealthCheck will be created. \n If not set(default):
- A MachineHealthCheck will be created if it is defined
- here or in the associated ClusterClass. If no MachineHealthCheck
- is defined then none will be created. \n If true: A
- MachineHealthCheck is guaranteed to be created. Cluster
- validation will block if `enable` is true and no MachineHealthCheck
- definition is available."
- type: boolean
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed if
- at most "MaxUnhealthy" machines selected by "selector"
- are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without
- a node will be considered to have failed and will be
- remediated. If you wish to disable this feature, set
- the value explicitly to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to a
- remediation template provided by an infrastructure provider.
- \n This field is completely optional, when filled, the
- MachineHealthCheck controller creates a new object from
- the template referenced and hands off remediation of
- the machine to a controller that lives outside of Cluster
- API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of the
- conditions that determine whether a node is considered
- unhealthy. The conditions are combined in a logical
- OR, i.e. if any of the conditions is met, the node is
- unhealthy.
- items:
- description: UnhealthyCondition represents a Node condition
- type and value with a timeout specified as a duration. When
- the named condition has been in the given status for
- at least the timeout value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed
- if the number of machines selected by "selector" as
- not healthy is within the range of "UnhealthyRange".
- Takes precedence over MaxUnhealthy. Eg. "[3-5]" - This
- means that remediation will be allowed only when: (a)
- there are at least 3 unhealthy machines (and) (b) there
- are at most 5 unhealthy machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- type: object
- metadata:
- description: "Metadata is the metadata applied to the machines
- of the ControlPlane. At runtime this metadata is merged
- with the corresponding metadata from the ClusterClass. \n
- This field is supported if and only if the control plane
- provider template referenced in the ClusterClass is Machine
- based."
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value
- map stored with a resource that may be set by external
- tools to store and retrieve arbitrary metadata. They
- are not queryable and should be preserved when modifying
- objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be
- used to organize and categorize (scope and select) objects.
- May match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts after
- the Machine is marked for deletion. A duration of 0 will
- retry deletion indefinitely. Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of
- time that the controller will spend on waiting for all volumes
- to be detached. The default value is 0, meaning that the
- volumes can be detached without any time limitations.
- type: string
- replicas:
- description: Replicas is the number of control plane nodes.
- If the value is nil, the ControlPlane object is created
- without the number of Replicas and it's assumed that the
- control plane controller does not implement support for
- this field. When specified against a control plane provider
- that lacks support for this field, this value will be ignored.
- format: int32
- type: integer
- type: object
- rolloutAfter:
- description: RolloutAfter performs a rollout of the entire cluster
- one component at a time, control plane first and then machine
- deployments.
- format: date-time
- type: string
- variables:
- description: Variables can be used to customize the Cluster through
- patches. They must comply to the corresponding VariableClasses
- defined in the ClusterClass.
- items:
- description: ClusterVariable can be used to customize the Cluster
- through patches. It must comply to the corresponding ClusterClassVariable
- defined in the ClusterClass.
- properties:
- name:
- description: Name of the variable.
- type: string
- value:
- description: 'Value of the variable. Note: the value will
- be validated against the schema of the corresponding ClusterClassVariable
- from the ClusterClass. Note: We have to use apiextensionsv1.JSON
- instead of a custom JSON type, because controller-tools
- has a hard-coded schema for apiextensionsv1.JSON which
- cannot be produced by another type via controller-tools,
- i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111'
- x-kubernetes-preserve-unknown-fields: true
- required:
- - name
- - value
- type: object
- type: array
- version:
- description: The Kubernetes version of the cluster.
- type: string
- workers:
- description: Workers encapsulates the different constructs that
- form the worker nodes for the cluster.
- properties:
- machineDeployments:
- description: MachineDeployments is a list of machine deployments
- in the cluster.
- items:
- description: MachineDeploymentTopology specifies the different
- parameters for a set of worker nodes in the topology.
- This set of nodes is managed by a MachineDeployment object
- whose lifecycle is managed by the Cluster controller.
- properties:
- class:
- description: Class is the name of the MachineDeploymentClass
- used to create the set of worker nodes. This should
- match one of the deployment classes defined in the
- ClusterClass object mentioned in the `Cluster.Spec.Class`
- field.
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the
- machines will be created in. Must match a key in the
- FailureDomains map stored on the cluster object.
- type: string
- machineHealthCheck:
- description: MachineHealthCheck allows to enable, disable
- and override the MachineHealthCheck configuration
- in the ClusterClass for this MachineDeployment.
- properties:
- enable:
- description: "Enable controls if a MachineHealthCheck
- should be created for the target machines. \n
- If false: No MachineHealthCheck will be created.
- \n If not set(default): A MachineHealthCheck will
- be created if it is defined here or in the associated
- ClusterClass. If no MachineHealthCheck is defined
- then none will be created. \n If true: A MachineHealthCheck
- is guaranteed to be created. Cluster validation
- will block if `enable` is true and no MachineHealthCheck
- definition is available."
- type: boolean
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed
- if at most "MaxUnhealthy" machines selected by
- "selector" are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without
- a node will be considered to have failed and will
- be remediated. If you wish to disable this feature,
- set the value explicitly to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference
- to a remediation template provided by an infrastructure
- provider. \n This field is completely optional,
- when filled, the MachineHealthCheck controller
- creates a new object from the template referenced
- and hands off remediation of the machine to a
- controller that lives outside of Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an
- object instead of an entire object, this string
- should contain a valid JSON/Go field access
- statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to
- a container within a pod, this would take
- on a value like: "spec.containers{name}" (where
- "name" refers to the name of the container
- that triggered the event) or if no container
- name is specified "spec.containers[2]" (container
- with index 2 in this pod). This syntax is
- chosen only to have some well-defined way
- of referencing a part of an object. TODO:
- this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More
- info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which
- this reference is made, if any. More info:
- https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list
- of the conditions that determine whether a node
- is considered unhealthy. The conditions are combined
- in a logical OR, i.e. if any of the conditions
- is met, the node is unhealthy.
- items:
- description: UnhealthyCondition represents a Node
- condition type and value with a timeout specified
- as a duration. When the named condition has
- been in the given status for at least the timeout
- value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed
- if the number of machines selected by "selector"
- as not healthy is within the range of "UnhealthyRange".
- Takes precedence over MaxUnhealthy. Eg. "[3-5]"
- - This means that remediation will be allowed
- only when: (a) there are at least 3 unhealthy
- machines (and) (b) there are at most 5 unhealthy
- machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- type: object
- metadata:
- description: Metadata is the metadata applied to the
- machines of the MachineDeployment. At runtime this
- metadata is merged with the corresponding metadata
- from the ClusterClass.
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key
- value map stored with a resource that may be set
- by external tools to store and retrieve arbitrary
- metadata. They are not queryable and should be
- preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that
- can be used to organize and categorize (scope
- and select) objects. May match selectors of replication
- controllers and services. More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- minReadySeconds:
- description: Minimum number of seconds for which a newly
- created machine should be ready. Defaults to 0 (machine
- will be considered available as soon as it is ready)
- format: int32
- type: integer
- name:
- description: Name is the unique identifier for this
- MachineDeploymentTopology. The value is used with
- other unique identifiers to create a MachineDeployment's
- Name (e.g. cluster's name, etc). In case the name
- is greater than the allowed maximum length, the values
- are hashed together.
- type: string
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the
- controller will attempt to delete the Node that the
- Machine hosts after the Machine is marked for deletion.
- A duration of 0 will retry deletion indefinitely.
- Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of
- time that the controller will spend on draining a
- node. The default value is 0, meaning that the node
- can be drained without any time limitations. NOTE:
- NodeDrainTimeout is different from `kubectl drain
- --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount
- of time that the controller will spend on waiting
- for all volumes to be detached. The default value
- is 0, meaning that the volumes can be detached without
- any time limitations.
- type: string
- replicas:
- description: Replicas is the number of worker nodes
- belonging to this set. If the value is nil, the MachineDeployment
- is created without the number of Replicas (defaulting
- to zero) and it's assumed that an external entity
- (like cluster autoscaler) is responsible for the management
- of this value.
- format: int32
- type: integer
- strategy:
- description: The deployment strategy to use to replace
- existing machines with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present
- only if MachineDeploymentStrategyType = RollingUpdate.
- properties:
- deletePolicy:
- description: DeletePolicy defines the policy
- used by the MachineDeployment to identify
- nodes to delete when downscaling. Valid values
- are "Random, "Newest", "Oldest" When no value
- is supplied, the default DeletePolicy of MachineSet
- is used
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines
- that can be scheduled above the desired number
- of machines. Value can be an absolute number
- (ex: 5) or a percentage of desired machines
- (ex: 10%). This can not be 0 if MaxUnavailable
- is 0. Absolute number is calculated from percentage
- by rounding up. Defaults to 1. Example: when
- this is set to 30%, the new MachineSet can
- be scaled up immediately when the rolling
- update starts, such that the total number
- of old and new machines do not exceed 130%
- of desired machines. Once old machines have
- been killed, new MachineSet can be scaled
- up further, ensuring that total number of
- machines running at any time during the update
- is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines
- that can be unavailable during the update.
- Value can be an absolute number (ex: 5) or
- a percentage of desired machines (ex: 10%).
- Absolute number is calculated from percentage
- by rounding down. This can not be 0 if MaxSurge
- is 0. Defaults to 0. Example: when this is
- set to 30%, the old MachineSet can be scaled
- down to 70% of desired machines immediately
- when the rolling update starts. Once new machines
- are ready, old MachineSet can be scaled down
- further, followed by scaling up the new MachineSet,
- ensuring that the total number of machines
- available at all times during the update is
- at least 70% of desired machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Default is RollingUpdate.
- enum:
- - RollingUpdate
- - OnDelete
- type: string
- type: object
- variables:
- description: Variables can be used to customize the
- MachineDeployment through patches.
- properties:
- overrides:
- description: Overrides can be used to override Cluster
- level variables.
- items:
- description: ClusterVariable can be used to customize
- the Cluster through patches. It must comply
- to the corresponding ClusterClassVariable defined
- in the ClusterClass.
- properties:
- name:
- description: Name of the variable.
- type: string
- value:
- description: 'Value of the variable. Note:
- the value will be validated against the
- schema of the corresponding ClusterClassVariable
- from the ClusterClass. Note: We have to
- use apiextensionsv1.JSON instead of a custom
- JSON type, because controller-tools has
- a hard-coded schema for apiextensionsv1.JSON
- which cannot be produced by another type
- via controller-tools, i.e. it is not possible
- to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111'
- x-kubernetes-preserve-unknown-fields: true
- required:
- - name
- - value
- type: object
- type: array
- type: object
- required:
- - class
- - name
- type: object
- type: array
- type: object
- required:
- - class
- - version
- type: object
- type: object
- status:
- description: ClusterStatus defines the observed state of Cluster.
- properties:
- conditions:
- description: Conditions defines current service state of the cluster.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- controlPlaneReady:
- description: ControlPlaneReady defines if the control plane is ready.
- type: boolean
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains is a slice of failure domain objects synced
- from the infrastructure provider.
- type: object
- failureMessage:
- description: FailureMessage indicates that there is a fatal problem
- reconciling the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a fatal problem
- reconciling the state, and will be set to a token value suitable
- for programmatic interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: extensionconfigs.runtime.cluster.x-k8s.io
-spec:
- group: runtime.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: ExtensionConfig
- listKind: ExtensionConfigList
- plural: extensionconfigs
- shortNames:
- - ext
- singular: extensionconfig
- scope: Cluster
- versions:
- - additionalPrinterColumns:
- - description: Time duration since creation of ExtensionConfig
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: ExtensionConfig is the Schema for the ExtensionConfig API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ExtensionConfigSpec is the desired state of the ExtensionConfig
- properties:
- clientConfig:
- description: ClientConfig defines how to communicate with the Extension
- server.
- properties:
- caBundle:
- description: CABundle is a PEM encoded CA bundle which will be
- used to validate the Extension server's server certificate.
- format: byte
- type: string
- service:
- description: "Service is a reference to the Kubernetes service
- for the Extension server. Note: Exactly one of `url` or `service`
- must be specified. \n If the Extension server is running within
- a cluster, then you should use `service`."
- properties:
- name:
- description: Name is the name of the service.
- type: string
- namespace:
- description: Namespace is the namespace of the service.
- type: string
- path:
- description: Path is an optional URL path and if present may
- be any string permissible in a URL. If a path is set it
- will be used as prefix to the hook-specific path.
- type: string
- port:
- description: Port is the port on the service that's hosting
- the Extension server. Defaults to 443. Port should be a
- valid port number (1-65535, inclusive).
- format: int32
- type: integer
- required:
- - name
- - namespace
- type: object
- url:
- description: "URL gives the location of the Extension server,
- in standard URL form (`scheme://host:port/path`). Note: Exactly
- one of `url` or `service` must be specified. \n The scheme must
- be \"https\". \n The `host` should not refer to a service running
- in the cluster; use the `service` field instead. \n A path is
- optional, and if present may be any string permissible in a
- URL. If a path is set it will be used as prefix to the hook-specific
- path. \n Attempting to use a user or basic auth e.g. \"user:password@\"
- is not allowed. Fragments (\"#...\") and query parameters (\"?...\")
- are not allowed either."
- type: string
- type: object
- namespaceSelector:
- description: NamespaceSelector decides whether to call the hook for
- an object based on whether the namespace for that object matches
- the selector. Defaults to the empty LabelSelector, which matches
- all objects.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- required:
- - clientConfig
- type: object
- status:
- description: ExtensionConfigStatus is the current state of the ExtensionConfig
- properties:
- conditions:
- description: Conditions define the current service state of the ExtensionConfig.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- handlers:
- description: Handlers defines the current ExtensionHandlers supported
- by an Extension.
- items:
- description: ExtensionHandler specifies the details of a handler
- for a particular runtime hook registered by an Extension server.
- properties:
- failurePolicy:
- description: FailurePolicy defines how failures in calls to
- the ExtensionHandler should be handled by a client. Defaults
- to Fail if not set.
- type: string
- name:
- description: Name is the unique name of the ExtensionHandler.
- type: string
- requestHook:
- description: RequestHook defines the versioned runtime hook
- which this ExtensionHandler serves.
- properties:
- apiVersion:
- description: APIVersion is the group and version of the
- Hook.
- type: string
- hook:
- description: Hook is the name of the hook.
- type: string
- required:
- - apiVersion
- - hook
- type: object
- timeoutSeconds:
- description: TimeoutSeconds defines the timeout duration for
- client calls to the ExtensionHandler. Defaults to 10 is not
- set.
- format: int32
- type: integer
- required:
- - name
- - requestHook
- type: object
- type: array
- x-kubernetes-list-map-keys:
- - name
- x-kubernetes-list-type: map
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: ipaddressclaims.ipam.cluster.x-k8s.io
-spec:
- group: ipam.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: IPAddressClaim
- listKind: IPAddressClaimList
- plural: ipaddressclaims
- singular: ipaddressclaim
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Name of the pool to allocate an address from
- jsonPath: .spec.poolRef.name
- name: Pool Name
- type: string
- - description: Kind of the pool to allocate an address from
- jsonPath: .spec.poolRef.kind
- name: Pool Kind
- type: string
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: IPAddressClaim is the Schema for the ipaddressclaim API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IPAddressClaimSpec is the desired state of an IPAddressClaim.
- properties:
- poolRef:
- description: PoolRef is a reference to the pool from which an IP address
- should be created.
- properties:
- apiGroup:
- description: APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in
- the core API group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - apiGroup
- - kind
- - name
- type: object
- required:
- - poolRef
- type: object
- status:
- description: IPAddressClaimStatus is the observed status of a IPAddressClaim.
- properties:
- addressRef:
- description: AddressRef is a reference to the address that was created
- for this claim.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- conditions:
- description: Conditions summarises the current state of the IPAddressClaim
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- required:
- - addressRef
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: ipaddresses.ipam.cluster.x-k8s.io
-spec:
- group: ipam.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: IPAddress
- listKind: IPAddressList
- plural: ipaddresses
- singular: ipaddress
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Address
- jsonPath: .spec.address
- name: Address
- type: string
- - description: Name of the pool the address is from
- jsonPath: .spec.poolRef.name
- name: Pool Name
- type: string
- - description: Kind of the pool the address is from
- jsonPath: .spec.poolRef.kind
- name: Pool Kind
- type: string
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: IPAddress is the Schema for the ipaddress API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: IPAddressSpec is the desired state of an IPAddress.
- properties:
- address:
- description: Address is the IP address.
- type: string
- claimRef:
- description: ClaimRef is a reference to the claim this IPAddress was
- created for.
- properties:
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- TODO: Add other useful fields. apiVersion, kind, uid?'
- type: string
- type: object
- gateway:
- description: Gateway is the network gateway of the network the address
- is from.
- type: string
- poolRef:
- description: PoolRef is a reference to the pool that this IPAddress
- was created from.
- properties:
- apiGroup:
- description: APIGroup is the group for the resource being referenced.
- If APIGroup is not specified, the specified Kind must be in
- the core API group. For any other third-party types, APIGroup
- is required.
- type: string
- kind:
- description: Kind is the type of resource being referenced
- type: string
- name:
- description: Name is the name of resource being referenced
- type: string
- required:
- - apiGroup
- - kind
- - name
- type: object
- prefix:
- description: Prefix is the prefix of the address.
- type: integer
- required:
- - address
- - claimRef
- - gateway
- - poolRef
- - prefix
- type: object
- type: object
- served: true
- storage: true
- subresources: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: machinedeployments.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: MachineDeployment
- listKind: MachineDeploymentList
- plural: machinedeployments
- shortNames:
- - md
- singular: machinedeployment
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Total number of non-terminated machines targeted by this MachineDeployment
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of ready machines targeted by this MachineDeployment
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this deployment
- that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this MachineDeployment
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: MachineDeployment is the Schema for the machinedeployments API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineDeploymentSpec defines the desired state of MachineDeployment.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- should be ready. Defaults to 0 (machine will be considered available
- as soon as it is ready)
- format: int32
- type: integer
- paused:
- description: Indicates that the deployment is paused.
- type: boolean
- progressDeadlineSeconds:
- description: The maximum time in seconds for a deployment to make
- progress before it is considered to be failed. The deployment controller
- will continue to process failed deployments and a condition with
- a ProgressDeadlineExceeded reason will be surfaced in the deployment
- status. Note that progress will not be estimated during the time
- a deployment is paused. Defaults to 600s.
- format: int32
- type: integer
- replicas:
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- revisionHistoryLimit:
- description: The number of old MachineSets to retain to allow rollback.
- This is a pointer to distinguish between explicit zero and not specified.
- Defaults to 1.
- format: int32
- type: integer
- selector:
- description: Label selector for machines. Existing MachineSets whose
- machines are selected by this will be the ones affected by this
- deployment. It must match the machine template's labels.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- strategy:
- description: The deployment strategy to use to replace existing machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if MachineDeploymentStrategyType
- = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be scheduled
- above the desired number of machines. Value can be an absolute
- number (ex: 5) or a percentage of desired machines (ex:
- 10%). This can not be 0 if MaxUnavailable is 0. Absolute
- number is calculated from percentage by rounding up. Defaults
- to 1. Example: when this is set to 30%, the new MachineSet
- can be scaled up immediately when the rolling update starts,
- such that the total number of old and new machines do not
- exceed 130% of desired machines. Once old machines have
- been killed, new MachineSet can be scaled up further, ensuring
- that total number of machines running at any time during
- the update is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be unavailable
- during the update. Value can be an absolute number (ex:
- 5) or a percentage of desired machines (ex: 10%). Absolute
- number is calculated from percentage by rounding down. This
- can not be 0 if MaxSurge is 0. Defaults to 0. Example: when
- this is set to 30%, the old MachineSet can be scaled down
- to 70% of desired machines immediately when the rolling
- update starts. Once new machines are ready, old MachineSet
- can be scaled down further, followed by scaling up the new
- MachineSet, ensuring that the total number of machines available
- at all times during the update is at least 70% of desired
- machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Currently the only supported
- strategy is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- generateName:
- description: "GenerateName is an optional prefix, used by
- the server, to generate a unique name ONLY IF the Name field
- has not been provided. If this field is used, the name returned
- to the client will be different than the name passed. This
- value will also be combined with a unique suffix. The provided
- value has the same validation rules as the Name field, and
- may be truncated by the length of the suffix required to
- make the value unique on the server. \n If this field is
- specified and the generated name exists, the server will
- NOT return a 409 - instead, it will either return 201 Created
- or 500 with Reason ServerTimeout indicating a unique name
- could not be found in the time allotted, and the client
- should retry (optionally after the time indicated in the
- Retry-After header). \n Applied only if Name is not specified.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: "Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow
- a client to request the generation of an appropriate name
- automatically. Name is primarily intended for creation idempotence
- and configuration definition. Cannot be updated. More info:
- http://kubernetes.io/docs/user-guide/identifiers#names \n
- Deprecated: This field has no function and is going to be
- removed in a next release."
- type: string
- namespace:
- description: "Namespace defines the space within each name
- must be unique. An empty namespace is equivalent to the
- \"default\" namespace, but \"default\" is the canonical
- representation. Not all objects are required to be scoped
- to a namespace - the value of this field for those objects
- will be empty. \n Must be a DNS_LABEL. Cannot be updated.
- More info: http://kubernetes.io/docs/user-guide/namespaces
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- ownerReferences:
- description: "List of objects depended by this object. If
- ALL objects in the list have been deleted, this object will
- be garbage collected. If this object is managed by a controller,
- then an entry in this list will point to this controller,
- with the controller field set to true. There cannot be more
- than one managing controller. \n Deprecated: This field
- has no function and is going to be removed in a next release."
- items:
- description: OwnerReference contains enough information
- to let you identify an owning object. An owning object
- must be in the same namespace as the dependent, or be
- cluster-scoped, so there is no namespace field.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- blockOwnerDeletion:
- description: If true, AND if the owner has the "foregroundDeletion"
- finalizer, then the owner cannot be deleted from the
- key-value store until this reference is removed. See
- https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion
- for how the garbage collector interacts with this
- field and enforces the foreground deletion. Defaults
- to false. To set this field, a user needs "delete"
- permission of the owner, otherwise 422 (Unprocessable
- Entity) will be returned.
- type: boolean
- controller:
- description: If true, this reference points to the managing
- controller.
- type: boolean
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- uid:
- description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
- type: string
- required:
- - apiVersion
- - kind
- - name
- - uid
- type: object
- x-kubernetes-map-type: atomic
- type: array
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.Data
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- data:
- description: "Data contains the bootstrap data, such as
- cloud-init details scripts. If nil, the Machine should
- remain in the Pending state. \n Deprecated: Switch to
- DataSecretName."
- type: string
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- - template
- type: object
- status:
- description: MachineDeploymentStatus defines the observed state of MachineDeployment.
- properties:
- availableReplicas:
- description: Total number of available machines (ready for at least
- minReadySeconds) targeted by this deployment.
- format: int32
- type: integer
- observedGeneration:
- description: The generation observed by the deployment controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of a MachineDeployment
- (ScalingUp, ScalingDown, Running, Failed, or Unknown).
- type: string
- readyReplicas:
- description: Total number of ready machines targeted by this deployment.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- deployment (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- deployment. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet available or
- machines that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- deployment that have the desired template spec.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Time duration since creation of MachineDeployment
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Total number of non-terminated machines targeted by this MachineDeployment
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of ready machines targeted by this MachineDeployment
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this deployment
- that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this MachineDeployment
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: MachineDeployment is the Schema for the machinedeployments API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineDeploymentSpec defines the desired state of MachineDeployment.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- should be ready. Defaults to 0 (machine will be considered available
- as soon as it is ready)
- format: int32
- type: integer
- paused:
- description: Indicates that the deployment is paused.
- type: boolean
- progressDeadlineSeconds:
- description: The maximum time in seconds for a deployment to make
- progress before it is considered to be failed. The deployment controller
- will continue to process failed deployments and a condition with
- a ProgressDeadlineExceeded reason will be surfaced in the deployment
- status. Note that progress will not be estimated during the time
- a deployment is paused. Defaults to 600s.
- format: int32
- type: integer
- replicas:
- default: 1
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- revisionHistoryLimit:
- description: The number of old MachineSets to retain to allow rollback.
- This is a pointer to distinguish between explicit zero and not specified.
- Defaults to 1.
- format: int32
- type: integer
- selector:
- description: Label selector for machines. Existing MachineSets whose
- machines are selected by this will be the ones affected by this
- deployment. It must match the machine template's labels.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- strategy:
- description: The deployment strategy to use to replace existing machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if MachineDeploymentStrategyType
- = RollingUpdate.
- properties:
- deletePolicy:
- description: DeletePolicy defines the policy used by the MachineDeployment
- to identify nodes to delete when downscaling. Valid values
- are "Random, "Newest", "Oldest" When no value is supplied,
- the default DeletePolicy of MachineSet is used
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be scheduled
- above the desired number of machines. Value can be an absolute
- number (ex: 5) or a percentage of desired machines (ex:
- 10%). This can not be 0 if MaxUnavailable is 0. Absolute
- number is calculated from percentage by rounding up. Defaults
- to 1. Example: when this is set to 30%, the new MachineSet
- can be scaled up immediately when the rolling update starts,
- such that the total number of old and new machines do not
- exceed 130% of desired machines. Once old machines have
- been killed, new MachineSet can be scaled up further, ensuring
- that total number of machines running at any time during
- the update is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be unavailable
- during the update. Value can be an absolute number (ex:
- 5) or a percentage of desired machines (ex: 10%). Absolute
- number is calculated from percentage by rounding down. This
- can not be 0 if MaxSurge is 0. Defaults to 0. Example: when
- this is set to 30%, the old MachineSet can be scaled down
- to 70% of desired machines immediately when the rolling
- update starts. Once new machines are ready, old MachineSet
- can be scaled down further, followed by scaling up the new
- MachineSet, ensuring that the total number of machines available
- at all times during the update is at least 70% of desired
- machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Default is RollingUpdate.
- enum:
- - RollingUpdate
- - OnDelete
- type: string
- type: object
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- - template
- type: object
- status:
- description: MachineDeploymentStatus defines the observed state of MachineDeployment.
- properties:
- availableReplicas:
- description: Total number of available machines (ready for at least
- minReadySeconds) targeted by this deployment.
- format: int32
- type: integer
- conditions:
- description: Conditions defines current service state of the MachineDeployment.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: The generation observed by the deployment controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of a MachineDeployment
- (ScalingUp, ScalingDown, Running, Failed, or Unknown).
- type: string
- readyReplicas:
- description: Total number of ready machines targeted by this deployment.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- deployment (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- deployment. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet available or
- machines that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- deployment that have the desired template spec.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Total number of machines desired by this MachineDeployment
- jsonPath: .spec.replicas
- name: Desired
- priority: 10
- type: integer
- - description: Total number of non-terminated machines targeted by this MachineDeployment
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of ready machines targeted by this MachineDeployment
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of non-terminated machines targeted by this deployment
- that have the desired template spec
- jsonPath: .status.updatedReplicas
- name: Updated
- type: integer
- - description: Total number of unavailable machines targeted by this MachineDeployment
- jsonPath: .status.unavailableReplicas
- name: Unavailable
- type: integer
- - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Time duration since creation of MachineDeployment
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this MachineDeployment
- jsonPath: .spec.template.spec.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: MachineDeployment is the Schema for the machinedeployments API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineDeploymentSpec defines the desired state of MachineDeployment.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- should be ready. Defaults to 0 (machine will be considered available
- as soon as it is ready)
- format: int32
- type: integer
- paused:
- description: Indicates that the deployment is paused.
- type: boolean
- progressDeadlineSeconds:
- description: The maximum time in seconds for a deployment to make
- progress before it is considered to be failed. The deployment controller
- will continue to process failed deployments and a condition with
- a ProgressDeadlineExceeded reason will be surfaced in the deployment
- status. Note that progress will not be estimated during the time
- a deployment is paused. Defaults to 600s.
- format: int32
- type: integer
- replicas:
- default: 1
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- revisionHistoryLimit:
- description: The number of old MachineSets to retain to allow rollback.
- This is a pointer to distinguish between explicit zero and not specified.
- Defaults to 1.
- format: int32
- type: integer
- selector:
- description: Label selector for machines. Existing MachineSets whose
- machines are selected by this will be the ones affected by this
- deployment. It must match the machine template's labels.
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- strategy:
- description: The deployment strategy to use to replace existing machines
- with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if MachineDeploymentStrategyType
- = RollingUpdate.
- properties:
- deletePolicy:
- description: DeletePolicy defines the policy used by the MachineDeployment
- to identify nodes to delete when downscaling. Valid values
- are "Random, "Newest", "Oldest" When no value is supplied,
- the default DeletePolicy of MachineSet is used
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be scheduled
- above the desired number of machines. Value can be an absolute
- number (ex: 5) or a percentage of desired machines (ex:
- 10%). This can not be 0 if MaxUnavailable is 0. Absolute
- number is calculated from percentage by rounding up. Defaults
- to 1. Example: when this is set to 30%, the new MachineSet
- can be scaled up immediately when the rolling update starts,
- such that the total number of old and new machines do not
- exceed 130% of desired machines. Once old machines have
- been killed, new MachineSet can be scaled up further, ensuring
- that total number of machines running at any time during
- the update is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be unavailable
- during the update. Value can be an absolute number (ex:
- 5) or a percentage of desired machines (ex: 10%). Absolute
- number is calculated from percentage by rounding down. This
- can not be 0 if MaxSurge is 0. Defaults to 0. Example: when
- this is set to 30%, the old MachineSet can be scaled down
- to 70% of desired machines immediately when the rolling
- update starts. Once new machines are ready, old MachineSet
- can be scaled down further, followed by scaling up the new
- MachineSet, ensuring that the total number of machines available
- at all times during the update is at least 70% of desired
- machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Default is RollingUpdate.
- enum:
- - RollingUpdate
- - OnDelete
- type: string
- type: object
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts after
- the Machine is marked for deletion. A duration of 0 will
- retry deletion indefinitely. Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of
- time that the controller will spend on waiting for all volumes
- to be detached. The default value is 0, meaning that the
- volumes can be detached without any time limitations.
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- - template
- type: object
- status:
- description: MachineDeploymentStatus defines the observed state of MachineDeployment.
- properties:
- availableReplicas:
- description: Total number of available machines (ready for at least
- minReadySeconds) targeted by this deployment.
- format: int32
- type: integer
- conditions:
- description: Conditions defines current service state of the MachineDeployment.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- observedGeneration:
- description: The generation observed by the deployment controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of a MachineDeployment
- (ScalingUp, ScalingDown, Running, Failed, or Unknown).
- type: string
- readyReplicas:
- description: Total number of ready machines targeted by this deployment.
- format: int32
- type: integer
- replicas:
- description: Total number of non-terminated machines targeted by this
- deployment (their labels match the selector).
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- unavailableReplicas:
- description: Total number of unavailable machines targeted by this
- deployment. This is the total number of machines that are still
- required for the deployment to have 100% available capacity. They
- may either be machines that are running but not yet available or
- machines that still have not been created.
- format: int32
- type: integer
- updatedReplicas:
- description: Total number of non-terminated machines targeted by this
- deployment that have the desired template spec.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: machinehealthchecks.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: MachineHealthCheck
- listKind: MachineHealthCheckList
- plural: machinehealthchecks
- shortNames:
- - mhc
- - mhcs
- singular: machinehealthcheck
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Maximum number of unhealthy machines allowed
- jsonPath: .spec.maxUnhealthy
- name: MaxUnhealthy
- type: string
- - description: Number of machines currently monitored
- jsonPath: .status.expectedMachines
- name: ExpectedMachines
- type: integer
- - description: Current observed healthy machines
- jsonPath: .status.currentHealthy
- name: CurrentHealthy
- type: integer
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: MachineHealthCheck is the Schema for the machinehealthchecks
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of machine health check policy
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed if at most "MaxUnhealthy"
- machines selected by "selector" are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without a node will
- be considered to have failed and will be remediated.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to a remediation
- template provided by an infrastructure provider. \n This field is
- completely optional, when filled, the MachineHealthCheck controller
- creates a new object from the template referenced and hands off
- remediation of the machine to a controller that lives outside of
- Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- selector:
- description: Label selector to match machines whose health will be
- exercised
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of the conditions
- that determine whether a node is considered unhealthy. The conditions
- are combined in a logical OR, i.e. if any of the conditions is met,
- the node is unhealthy.
- items:
- description: UnhealthyCondition represents a Node condition type
- and value with a timeout specified as a duration. When the named
- condition has been in the given status for at least the timeout
- value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- minItems: 1
- type: array
- required:
- - clusterName
- - selector
- - unhealthyConditions
- type: object
- status:
- description: Most recently observed status of MachineHealthCheck resource
- properties:
- conditions:
- description: Conditions defines current service state of the MachineHealthCheck.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- currentHealthy:
- description: total number of healthy machines counted by this machine
- health check
- format: int32
- minimum: 0
- type: integer
- expectedMachines:
- description: total number of machines counted by this machine health
- check
- format: int32
- minimum: 0
- type: integer
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- remediationsAllowed:
- description: RemediationsAllowed is the number of further remediations
- allowed by this machine health check before maxUnhealthy short circuiting
- will be applied
- format: int32
- minimum: 0
- type: integer
- targets:
- description: Targets shows the current list of machines the machine
- health check is watching
- items:
- type: string
- type: array
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Time duration since creation of MachineHealthCheck
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Maximum number of unhealthy machines allowed
- jsonPath: .spec.maxUnhealthy
- name: MaxUnhealthy
- type: string
- - description: Number of machines currently monitored
- jsonPath: .status.expectedMachines
- name: ExpectedMachines
- type: integer
- - description: Current observed healthy machines
- jsonPath: .status.currentHealthy
- name: CurrentHealthy
- type: integer
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: MachineHealthCheck is the Schema for the machinehealthchecks
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of machine health check policy
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed if at most "MaxUnhealthy"
- machines selected by "selector" are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without a node will
- be considered to have failed and will be remediated. If not set,
- this value is defaulted to 10 minutes. If you wish to disable this
- feature, set the value explicitly to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to a remediation
- template provided by an infrastructure provider. \n This field is
- completely optional, when filled, the MachineHealthCheck controller
- creates a new object from the template referenced and hands off
- remediation of the machine to a controller that lives outside of
- Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- selector:
- description: Label selector to match machines whose health will be
- exercised
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of the conditions
- that determine whether a node is considered unhealthy. The conditions
- are combined in a logical OR, i.e. if any of the conditions is met,
- the node is unhealthy.
- items:
- description: UnhealthyCondition represents a Node condition type
- and value with a timeout specified as a duration. When the named
- condition has been in the given status for at least the timeout
- value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- minItems: 1
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed if the number
- of machines selected by "selector" as not healthy is within the
- range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg.
- "[3-5]" - This means that remediation will be allowed only when:
- (a) there are at least 3 unhealthy machines (and) (b) there are
- at most 5 unhealthy machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- required:
- - clusterName
- - selector
- - unhealthyConditions
- type: object
- status:
- description: Most recently observed status of MachineHealthCheck resource
- properties:
- conditions:
- description: Conditions defines current service state of the MachineHealthCheck.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- currentHealthy:
- description: total number of healthy machines counted by this machine
- health check
- format: int32
- minimum: 0
- type: integer
- expectedMachines:
- description: total number of machines counted by this machine health
- check
- format: int32
- minimum: 0
- type: integer
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- remediationsAllowed:
- description: RemediationsAllowed is the number of further remediations
- allowed by this machine health check before maxUnhealthy short circuiting
- will be applied
- format: int32
- minimum: 0
- type: integer
- targets:
- description: Targets shows the current list of machines the machine
- health check is watching
- items:
- type: string
- type: array
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Number of machines currently monitored
- jsonPath: .status.expectedMachines
- name: ExpectedMachines
- type: integer
- - description: Maximum number of unhealthy machines allowed
- jsonPath: .spec.maxUnhealthy
- name: MaxUnhealthy
- type: string
- - description: Current observed healthy machines
- jsonPath: .status.currentHealthy
- name: CurrentHealthy
- type: integer
- - description: Time duration since creation of MachineHealthCheck
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: MachineHealthCheck is the Schema for the machinehealthchecks
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: Specification of machine health check policy
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- maxUnhealthy:
- anyOf:
- - type: integer
- - type: string
- description: Any further remediation is only allowed if at most "MaxUnhealthy"
- machines selected by "selector" are not healthy.
- x-kubernetes-int-or-string: true
- nodeStartupTimeout:
- description: Machines older than this duration without a node will
- be considered to have failed and will be remediated. If not set,
- this value is defaulted to 10 minutes. If you wish to disable this
- feature, set the value explicitly to 0.
- type: string
- remediationTemplate:
- description: "RemediationTemplate is a reference to a remediation
- template provided by an infrastructure provider. \n This field is
- completely optional, when filled, the MachineHealthCheck controller
- creates a new object from the template referenced and hands off
- remediation of the machine to a controller that lives outside of
- Cluster API."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- selector:
- description: Label selector to match machines whose health will be
- exercised
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- unhealthyConditions:
- description: UnhealthyConditions contains a list of the conditions
- that determine whether a node is considered unhealthy. The conditions
- are combined in a logical OR, i.e. if any of the conditions is met,
- the node is unhealthy.
- items:
- description: UnhealthyCondition represents a Node condition type
- and value with a timeout specified as a duration. When the named
- condition has been in the given status for at least the timeout
- value, a node is considered unhealthy.
- properties:
- status:
- minLength: 1
- type: string
- timeout:
- type: string
- type:
- minLength: 1
- type: string
- required:
- - status
- - timeout
- - type
- type: object
- minItems: 1
- type: array
- unhealthyRange:
- description: 'Any further remediation is only allowed if the number
- of machines selected by "selector" as not healthy is within the
- range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg.
- "[3-5]" - This means that remediation will be allowed only when:
- (a) there are at least 3 unhealthy machines (and) (b) there are
- at most 5 unhealthy machines'
- pattern: ^\[[0-9]+-[0-9]+\]$
- type: string
- required:
- - clusterName
- - selector
- - unhealthyConditions
- type: object
- status:
- description: Most recently observed status of MachineHealthCheck resource
- properties:
- conditions:
- description: Conditions defines current service state of the MachineHealthCheck.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- currentHealthy:
- description: total number of healthy machines counted by this machine
- health check
- format: int32
- minimum: 0
- type: integer
- expectedMachines:
- description: total number of machines counted by this machine health
- check
- format: int32
- minimum: 0
- type: integer
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- remediationsAllowed:
- description: RemediationsAllowed is the number of further remediations
- allowed by this machine health check before maxUnhealthy short circuiting
- will be applied
- format: int32
- minimum: 0
- type: integer
- targets:
- description: Targets shows the current list of machines the machine
- health check is watching
- items:
- type: string
- type: array
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: machinepools.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: MachinePool
- listKind: MachinePoolList
- plural: machinepools
- shortNames:
- - mp
- singular: machinepool
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: MachinePool replicas count
- jsonPath: .status.replicas
- name: Replicas
- type: string
- - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed
- etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Kubernetes version associated with this MachinePool
- jsonPath: .spec.template.spec.version
- name: Version
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: MachinePool is the Schema for the machinepools API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachinePoolSpec defines the desired state of MachinePool.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomains:
- description: FailureDomains is the list of failure domains this MachinePool
- should be attached to.
- items:
- type: string
- type: array
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- instances should be ready. Defaults to 0 (machine instance will
- be considered available as soon as it is ready)
- format: int32
- type: integer
- providerIDList:
- description: ProviderIDList are the identification IDs of machine
- instances provided by the provider. This field must match the provider
- IDs as seen on the node objects corresponding to a machine pool's
- machine instances.
- items:
- type: string
- type: array
- replicas:
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- strategy:
- description: The deployment strategy to use to replace existing machine
- instances with new ones.
- properties:
- rollingUpdate:
- description: Rolling update config params. Present only if MachineDeploymentStrategyType
- = RollingUpdate.
- properties:
- maxSurge:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be scheduled
- above the desired number of machines. Value can be an absolute
- number (ex: 5) or a percentage of desired machines (ex:
- 10%). This can not be 0 if MaxUnavailable is 0. Absolute
- number is calculated from percentage by rounding up. Defaults
- to 1. Example: when this is set to 30%, the new MachineSet
- can be scaled up immediately when the rolling update starts,
- such that the total number of old and new machines do not
- exceed 130% of desired machines. Once old machines have
- been killed, new MachineSet can be scaled up further, ensuring
- that total number of machines running at any time during
- the update is at most 130% of desired machines.'
- x-kubernetes-int-or-string: true
- maxUnavailable:
- anyOf:
- - type: integer
- - type: string
- description: 'The maximum number of machines that can be unavailable
- during the update. Value can be an absolute number (ex:
- 5) or a percentage of desired machines (ex: 10%). Absolute
- number is calculated from percentage by rounding down. This
- can not be 0 if MaxSurge is 0. Defaults to 0. Example: when
- this is set to 30%, the old MachineSet can be scaled down
- to 70% of desired machines immediately when the rolling
- update starts. Once new machines are ready, old MachineSet
- can be scaled down further, followed by scaling up the new
- MachineSet, ensuring that the total number of machines available
- at all times during the update is at least 70% of desired
- machines.'
- x-kubernetes-int-or-string: true
- type: object
- type:
- description: Type of deployment. Currently the only supported
- strategy is "RollingUpdate". Default is RollingUpdate.
- type: string
- type: object
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- generateName:
- description: "GenerateName is an optional prefix, used by
- the server, to generate a unique name ONLY IF the Name field
- has not been provided. If this field is used, the name returned
- to the client will be different than the name passed. This
- value will also be combined with a unique suffix. The provided
- value has the same validation rules as the Name field, and
- may be truncated by the length of the suffix required to
- make the value unique on the server. \n If this field is
- specified and the generated name exists, the server will
- NOT return a 409 - instead, it will either return 201 Created
- or 500 with Reason ServerTimeout indicating a unique name
- could not be found in the time allotted, and the client
- should retry (optionally after the time indicated in the
- Retry-After header). \n Applied only if Name is not specified.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: "Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow
- a client to request the generation of an appropriate name
- automatically. Name is primarily intended for creation idempotence
- and configuration definition. Cannot be updated. More info:
- http://kubernetes.io/docs/user-guide/identifiers#names \n
- Deprecated: This field has no function and is going to be
- removed in a next release."
- type: string
- namespace:
- description: "Namespace defines the space within each name
- must be unique. An empty namespace is equivalent to the
- \"default\" namespace, but \"default\" is the canonical
- representation. Not all objects are required to be scoped
- to a namespace - the value of this field for those objects
- will be empty. \n Must be a DNS_LABEL. Cannot be updated.
- More info: http://kubernetes.io/docs/user-guide/namespaces
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- ownerReferences:
- description: "List of objects depended by this object. If
- ALL objects in the list have been deleted, this object will
- be garbage collected. If this object is managed by a controller,
- then an entry in this list will point to this controller,
- with the controller field set to true. There cannot be more
- than one managing controller. \n Deprecated: This field
- has no function and is going to be removed in a next release."
- items:
- description: OwnerReference contains enough information
- to let you identify an owning object. An owning object
- must be in the same namespace as the dependent, or be
- cluster-scoped, so there is no namespace field.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- blockOwnerDeletion:
- description: If true, AND if the owner has the "foregroundDeletion"
- finalizer, then the owner cannot be deleted from the
- key-value store until this reference is removed. See
- https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion
- for how the garbage collector interacts with this
- field and enforces the foreground deletion. Defaults
- to false. To set this field, a user needs "delete"
- permission of the owner, otherwise 422 (Unprocessable
- Entity) will be returned.
- type: boolean
- controller:
- description: If true, this reference points to the managing
- controller.
- type: boolean
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- uid:
- description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
- type: string
- required:
- - apiVersion
- - kind
- - name
- - uid
- type: object
- x-kubernetes-map-type: atomic
- type: array
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.Data
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- data:
- description: "Data contains the bootstrap data, such as
- cloud-init details scripts. If nil, the Machine should
- remain in the Pending state. \n Deprecated: Switch to
- DataSecretName."
- type: string
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - template
- type: object
- status:
- description: MachinePoolStatus defines the observed state of MachinePool.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachinePool.
- format: int32
- type: integer
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- conditions:
- description: Conditions define the current service state of the MachinePool.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: FailureMessage indicates that there is a problem reconciling
- the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a problem reconciling
- the state, and will be set to a token value suitable for programmatic
- interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- nodeRefs:
- description: NodeRefs will point to the corresponding Nodes if it
- they exist.
- items:
- description: "ObjectReference contains enough information to let
- you inspect or modify the referred object. --- New uses of this
- type are discouraged because of difficulty describing its usage
- when embedded in APIs. 1. Ignored fields. It includes many fields
- which are not generally honored. For instance, ResourceVersion
- and FieldPath are both very rarely valid in actual usage. 2. Invalid
- usage help. It is impossible to add specific help for individual
- usage. In most embedded usages, there are particular restrictions
- like, \"must refer only to types A and B\" or \"UID not honored\"
- or \"name must be restricted\". Those cannot be well described
- when embedded. 3. Inconsistent validation. Because the usages
- are different, the validation rules are different by usage, which
- makes it hard for users to predict what will happen. 4. The fields
- are both imprecise and overly precise. Kind is not a precise
- mapping to a URL. This can produce ambiguity during interpretation
- and require a REST mapping. In most cases, the dependency is
- on the group,resource tuple and the version of the actual struct
- is irrelevant. 5. We cannot easily change it. Because this type
- is embedded in many locations, updates to this type will affect
- numerous schemas. Don't make new APIs embed an underspecified
- API type they do not control. \n Instead of using this type, create
- a locally provided and used type that is well-focused on your
- reference. For example, ServiceReferences for admission registration:
- https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
- ."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- readyReplicas:
- description: The number of ready replicas for this MachinePool. A
- machine is considered ready when the node has been created and is
- "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- unavailableReplicas:
- description: Total number of unavailable machine instances targeted
- by this machine pool. This is the total number of machine instances
- that are still required for the machine pool to have 100% available
- capacity. They may either be machine instances that are running
- but not yet available or machine instances that still have not been
- created.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Time duration since creation of MachinePool
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: MachinePool replicas count
- jsonPath: .status.replicas
- name: Replicas
- type: string
- - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed
- etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Kubernetes version associated with this MachinePool
- jsonPath: .spec.template.spec.version
- name: Version
- type: string
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: MachinePool is the Schema for the machinepools API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachinePoolSpec defines the desired state of MachinePool.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomains:
- description: FailureDomains is the list of failure domains this MachinePool
- should be attached to.
- items:
- type: string
- type: array
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- instances should be ready. Defaults to 0 (machine instance will
- be considered available as soon as it is ready)
- format: int32
- type: integer
- providerIDList:
- description: ProviderIDList are the identification IDs of machine
- instances provided by the provider. This field must match the provider
- IDs as seen on the node objects corresponding to a machine pool's
- machine instances.
- items:
- type: string
- type: array
- replicas:
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - template
- type: object
- status:
- description: MachinePoolStatus defines the observed state of MachinePool.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachinePool.
- format: int32
- type: integer
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- conditions:
- description: Conditions define the current service state of the MachinePool.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: FailureMessage indicates that there is a problem reconciling
- the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a problem reconciling
- the state, and will be set to a token value suitable for programmatic
- interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- nodeRefs:
- description: NodeRefs will point to the corresponding Nodes if it
- they exist.
- items:
- description: "ObjectReference contains enough information to let
- you inspect or modify the referred object. --- New uses of this
- type are discouraged because of difficulty describing its usage
- when embedded in APIs. 1. Ignored fields. It includes many fields
- which are not generally honored. For instance, ResourceVersion
- and FieldPath are both very rarely valid in actual usage. 2. Invalid
- usage help. It is impossible to add specific help for individual
- usage. In most embedded usages, there are particular restrictions
- like, \"must refer only to types A and B\" or \"UID not honored\"
- or \"name must be restricted\". Those cannot be well described
- when embedded. 3. Inconsistent validation. Because the usages
- are different, the validation rules are different by usage, which
- makes it hard for users to predict what will happen. 4. The fields
- are both imprecise and overly precise. Kind is not a precise
- mapping to a URL. This can produce ambiguity during interpretation
- and require a REST mapping. In most cases, the dependency is
- on the group,resource tuple and the version of the actual struct
- is irrelevant. 5. We cannot easily change it. Because this type
- is embedded in many locations, updates to this type will affect
- numerous schemas. Don't make new APIs embed an underspecified
- API type they do not control. \n Instead of using this type, create
- a locally provided and used type that is well-focused on your
- reference. For example, ServiceReferences for admission registration:
- https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
- ."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- readyReplicas:
- description: The number of ready replicas for this MachinePool. A
- machine is considered ready when the node has been created and is
- "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- unavailableReplicas:
- description: Total number of unavailable machine instances targeted
- by this machine pool. This is the total number of machine instances
- that are still required for the machine pool to have 100% available
- capacity. They may either be machine instances that are running
- but not yet available or machine instances that still have not been
- created.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Total number of machines desired by this MachinePool
- jsonPath: .spec.replicas
- name: Desired
- priority: 10
- type: integer
- - description: MachinePool replicas count
- jsonPath: .status.replicas
- name: Replicas
- type: string
- - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed
- etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Time duration since creation of MachinePool
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this MachinePool
- jsonPath: .spec.template.spec.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: MachinePool is the Schema for the machinepools API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachinePoolSpec defines the desired state of MachinePool.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomains:
- description: FailureDomains is the list of failure domains this MachinePool
- should be attached to.
- items:
- type: string
- type: array
- minReadySeconds:
- description: Minimum number of seconds for which a newly created machine
- instances should be ready. Defaults to 0 (machine instance will
- be considered available as soon as it is ready)
- format: int32
- type: integer
- providerIDList:
- description: ProviderIDList are the identification IDs of machine
- instances provided by the provider. This field must match the provider
- IDs as seen on the node objects corresponding to a machine pool's
- machine instances.
- items:
- type: string
- type: array
- replicas:
- description: Number of desired machines. Defaults to 1. This is a
- pointer to distinguish between explicit zero and not specified.
- format: int32
- type: integer
- template:
- description: Template describes the machines that will be created.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts after
- the Machine is marked for deletion. A duration of 0 will
- retry deletion indefinitely. Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of
- time that the controller will spend on waiting for all volumes
- to be detached. The default value is 0, meaning that the
- volumes can be detached without any time limitations.
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - template
- type: object
- status:
- description: MachinePoolStatus defines the observed state of MachinePool.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachinePool.
- format: int32
- type: integer
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- conditions:
- description: Conditions define the current service state of the MachinePool.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: FailureMessage indicates that there is a problem reconciling
- the state, and will be set to a descriptive error message.
- type: string
- failureReason:
- description: FailureReason indicates that there is a problem reconciling
- the state, and will be set to a token value suitable for programmatic
- interpretation.
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- nodeRefs:
- description: NodeRefs will point to the corresponding Nodes if it
- they exist.
- items:
- description: "ObjectReference contains enough information to let
- you inspect or modify the referred object. --- New uses of this
- type are discouraged because of difficulty describing its usage
- when embedded in APIs. 1. Ignored fields. It includes many fields
- which are not generally honored. For instance, ResourceVersion
- and FieldPath are both very rarely valid in actual usage. 2. Invalid
- usage help. It is impossible to add specific help for individual
- usage. In most embedded usages, there are particular restrictions
- like, \"must refer only to types A and B\" or \"UID not honored\"
- or \"name must be restricted\". Those cannot be well described
- when embedded. 3. Inconsistent validation. Because the usages
- are different, the validation rules are different by usage, which
- makes it hard for users to predict what will happen. 4. The fields
- are both imprecise and overly precise. Kind is not a precise
- mapping to a URL. This can produce ambiguity during interpretation
- and require a REST mapping. In most cases, the dependency is
- on the group,resource tuple and the version of the actual struct
- is irrelevant. 5. We cannot easily change it. Because this type
- is embedded in many locations, updates to this type will affect
- numerous schemas. Don't make new APIs embed an underspecified
- API type they do not control. \n Instead of using this type, create
- a locally provided and used type that is well-focused on your
- reference. For example, ServiceReferences for admission registration:
- https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
- ."
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- type: array
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of cluster actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- readyReplicas:
- description: The number of ready replicas for this MachinePool. A
- machine is considered ready when the node has been created and is
- "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- unavailableReplicas:
- description: Total number of unavailable machine instances targeted
- by this machine pool. This is the total number of machine instances
- that are still required for the machine pool to have 100% available
- capacity. They may either be machine instances that are running
- but not yet available or machine instances that still have not been
- created.
- format: int32
- type: integer
- type: object
- type: object
- served: true
- storage: true
- subresources:
- scale:
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: machines.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: Machine
- listKind: MachineList
- plural: machines
- shortNames:
- - ma
- singular: machine
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Provider ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine status such as Terminating/Pending/Running/Failed etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Kubernetes version associated with this Machine
- jsonPath: .spec.version
- name: Version
- type: string
- - description: Node name associated with this machine
- jsonPath: .status.nodeRef.name
- name: NodeName
- priority: 1
- type: string
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: Machine is the Schema for the machines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSpec defines the desired state of Machine.
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which encapsulates
- fields to configure the Machine’s bootstrapping mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference is
- optional to allow users/operators to specify Bootstrap.Data
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- data:
- description: "Data contains the bootstrap data, such as cloud-init
- details scripts. If nil, the Machine should remain in the Pending
- state. \n Deprecated: Switch to DataSecretName."
- type: string
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script. If nil, the Machine should remain
- in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine will
- be created in. Must match a key in the FailureDomains map stored
- on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that the
- controller will spend on draining a node. The default value is 0,
- meaning that the node can be drained without any time limitations.
- NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine provided
- by the provider. This field must match the provider ID as seen on
- the node object corresponding to this machine. This field is required
- by higher level consumers of cluster-api. Example use case is cluster
- autoscaler with cluster-api as provider. Clean-up logic in the autoscaler
- compares machines to nodes to find out machines at provider which
- could not get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field is required
- by autoscaler to be able to have a provider view of the list of
- machines. Another list of nodes is queried from the k8s apiserver
- and then a comparison is done to find out unregistered machines
- and are marked for delete. This field will be set by the actuators
- and consumed by higher level entities like autoscaler that will
- be interfacing with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version. This
- field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- status:
- description: MachineStatus defines the observed state of Machine.
- properties:
- addresses:
- description: Addresses is a list of addresses assigned to the machine.
- This field is copied from the infrastructure provider reference.
- items:
- description: MachineAddress contains information for the node's
- address.
- properties:
- address:
- description: The machine address.
- type: string
- type:
- description: Machine address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- conditions:
- description: Conditions defines current service state of the Machine.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a succinct
- value suitable for machine interpretation. \n This field should
- not be set for transitive errors that a controller faces that are
- expected to be fixed automatically over time (like service outages),
- but instead indicate that something is fundamentally wrong with
- the Machine's spec or the configuration of the controller, and that
- manual intervention is required. Examples of terminal errors would
- be invalid combinations of settings in the spec, values that are
- unsupported by the controller, or the responsible controller itself
- being critically misconfigured. \n Any transient errors that occur
- during the reconciliation of Machines can be added as events to
- the Machine object and/or logged in the controller's output."
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- lastUpdated:
- description: LastUpdated identifies when the phase of the Machine
- last transitioned.
- format: date-time
- type: string
- nodeRef:
- description: NodeRef will point to the corresponding Node if it exists.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of machine actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- version:
- description: Version specifies the current version of Kubernetes running
- on the corresponding Node. This is meant to be a means of bubbling
- up status from the Node to the Machine. It is entirely optional,
- but useful for end-user UX if it’s present.
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Time duration since creation of Machine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Provider ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine status such as Terminating/Pending/Running/Failed etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Kubernetes version associated with this Machine
- jsonPath: .spec.version
- name: Version
- type: string
- - description: Node name associated with this machine
- jsonPath: .status.nodeRef.name
- name: NodeName
- priority: 1
- type: string
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: Machine is the Schema for the machines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSpec defines the desired state of Machine.
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which encapsulates
- fields to configure the Machine’s bootstrapping mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference is
- optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script. If nil, the Machine should remain
- in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine will
- be created in. Must match a key in the FailureDomains map stored
- on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that the
- controller will spend on draining a node. The default value is 0,
- meaning that the node can be drained without any time limitations.
- NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine provided
- by the provider. This field must match the provider ID as seen on
- the node object corresponding to this machine. This field is required
- by higher level consumers of cluster-api. Example use case is cluster
- autoscaler with cluster-api as provider. Clean-up logic in the autoscaler
- compares machines to nodes to find out machines at provider which
- could not get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field is required
- by autoscaler to be able to have a provider view of the list of
- machines. Another list of nodes is queried from the k8s apiserver
- and then a comparison is done to find out unregistered machines
- and are marked for delete. This field will be set by the actuators
- and consumed by higher level entities like autoscaler that will
- be interfacing with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version. This
- field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- status:
- description: MachineStatus defines the observed state of Machine.
- properties:
- addresses:
- description: Addresses is a list of addresses assigned to the machine.
- This field is copied from the infrastructure provider reference.
- items:
- description: MachineAddress contains information for the node's
- address.
- properties:
- address:
- description: The machine address.
- type: string
- type:
- description: Machine address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- conditions:
- description: Conditions defines current service state of the Machine.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a succinct
- value suitable for machine interpretation. \n This field should
- not be set for transitive errors that a controller faces that are
- expected to be fixed automatically over time (like service outages),
- but instead indicate that something is fundamentally wrong with
- the Machine's spec or the configuration of the controller, and that
- manual intervention is required. Examples of terminal errors would
- be invalid combinations of settings in the spec, values that are
- unsupported by the controller, or the responsible controller itself
- being critically misconfigured. \n Any transient errors that occur
- during the reconciliation of Machines can be added as events to
- the Machine object and/or logged in the controller's output."
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- lastUpdated:
- description: LastUpdated identifies when the phase of the Machine
- last transitioned.
- format: date-time
- type: string
- nodeInfo:
- description: 'NodeInfo is a set of ids/uuids to uniquely identify
- the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info'
- properties:
- architecture:
- description: The Architecture reported by the node
- type: string
- bootID:
- description: Boot ID reported by the node.
- type: string
- containerRuntimeVersion:
- description: ContainerRuntime Version reported by the node through
- runtime remote API (e.g. containerd://1.4.2).
- type: string
- kernelVersion:
- description: Kernel Version reported by the node from 'uname -r'
- (e.g. 3.16.0-0.bpo.4-amd64).
- type: string
- kubeProxyVersion:
- description: KubeProxy Version reported by the node.
- type: string
- kubeletVersion:
- description: Kubelet Version reported by the node.
- type: string
- machineID:
- description: 'MachineID reported by the node. For unique machine
- identification in the cluster this field is preferred. Learn
- more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html'
- type: string
- operatingSystem:
- description: The Operating System reported by the node
- type: string
- osImage:
- description: OS Image reported by the node from /etc/os-release
- (e.g. Debian GNU/Linux 7 (wheezy)).
- type: string
- systemUUID:
- description: SystemUUID reported by the node. For unique machine
- identification MachineID is preferred. This field is specific
- to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid
- type: string
- required:
- - architecture
- - bootID
- - containerRuntimeVersion
- - kernelVersion
- - kubeProxyVersion
- - kubeletVersion
- - machineID
- - operatingSystem
- - osImage
- - systemUUID
- type: object
- nodeRef:
- description: NodeRef will point to the corresponding Node if it exists.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of machine actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- version:
- description: Version specifies the current version of Kubernetes running
- on the corresponding Node. This is meant to be a means of bubbling
- up status from the Node to the Machine. It is entirely optional,
- but useful for end-user UX if it’s present.
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Node name associated with this machine
- jsonPath: .status.nodeRef.name
- name: NodeName
- type: string
- - description: Provider ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine status such as Terminating/Pending/Running/Failed etc
- jsonPath: .status.phase
- name: Phase
- type: string
- - description: Time duration since creation of Machine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this Machine
- jsonPath: .spec.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: Machine is the Schema for the machines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSpec defines the desired state of Machine.
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which encapsulates
- fields to configure the Machine’s bootstrapping mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference is
- optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and this field
- is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret that stores
- the bootstrap data script. If nil, the Machine should remain
- in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine will
- be created in. Must match a key in the FailureDomains map stored
- on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to a custom
- resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the controller will
- attempt to delete the Node that the Machine hosts after the Machine
- is marked for deletion. A duration of 0 will retry deletion indefinitely.
- Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time that the
- controller will spend on draining a node. The default value is 0,
- meaning that the node can be drained without any time limitations.
- NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of time that
- the controller will spend on waiting for all volumes to be detached.
- The default value is 0, meaning that the volumes can be detached
- without any time limitations.
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine provided
- by the provider. This field must match the provider ID as seen on
- the node object corresponding to this machine. This field is required
- by higher level consumers of cluster-api. Example use case is cluster
- autoscaler with cluster-api as provider. Clean-up logic in the autoscaler
- compares machines to nodes to find out machines at provider which
- could not get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field is required
- by autoscaler to be able to have a provider view of the list of
- machines. Another list of nodes is queried from the k8s apiserver
- and then a comparison is done to find out unregistered machines
- and are marked for delete. This field will be set by the actuators
- and consumed by higher level entities like autoscaler that will
- be interfacing with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version. This
- field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- status:
- description: MachineStatus defines the observed state of Machine.
- properties:
- addresses:
- description: Addresses is a list of addresses assigned to the machine.
- This field is copied from the infrastructure provider reference.
- items:
- description: MachineAddress contains information for the node's
- address.
- properties:
- address:
- description: The machine address.
- type: string
- type:
- description: Machine address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- bootstrapReady:
- description: BootstrapReady is the state of the bootstrap provider.
- type: boolean
- certificatesExpiryDate:
- description: CertificatesExpiryDate is the expiry date of the machine
- certificates. This value is only set for control plane machines.
- format: date-time
- type: string
- conditions:
- description: Conditions defines current service state of the Machine.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a succinct
- value suitable for machine interpretation. \n This field should
- not be set for transitive errors that a controller faces that are
- expected to be fixed automatically over time (like service outages),
- but instead indicate that something is fundamentally wrong with
- the Machine's spec or the configuration of the controller, and that
- manual intervention is required. Examples of terminal errors would
- be invalid combinations of settings in the spec, values that are
- unsupported by the controller, or the responsible controller itself
- being critically misconfigured. \n Any transient errors that occur
- during the reconciliation of Machines can be added as events to
- the Machine object and/or logged in the controller's output."
- type: string
- infrastructureReady:
- description: InfrastructureReady is the state of the infrastructure
- provider.
- type: boolean
- lastUpdated:
- description: LastUpdated identifies when the phase of the Machine
- last transitioned.
- format: date-time
- type: string
- nodeInfo:
- description: 'NodeInfo is a set of ids/uuids to uniquely identify
- the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info'
- properties:
- architecture:
- description: The Architecture reported by the node
- type: string
- bootID:
- description: Boot ID reported by the node.
- type: string
- containerRuntimeVersion:
- description: ContainerRuntime Version reported by the node through
- runtime remote API (e.g. containerd://1.4.2).
- type: string
- kernelVersion:
- description: Kernel Version reported by the node from 'uname -r'
- (e.g. 3.16.0-0.bpo.4-amd64).
- type: string
- kubeProxyVersion:
- description: KubeProxy Version reported by the node.
- type: string
- kubeletVersion:
- description: Kubelet Version reported by the node.
- type: string
- machineID:
- description: 'MachineID reported by the node. For unique machine
- identification in the cluster this field is preferred. Learn
- more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html'
- type: string
- operatingSystem:
- description: The Operating System reported by the node
- type: string
- osImage:
- description: OS Image reported by the node from /etc/os-release
- (e.g. Debian GNU/Linux 7 (wheezy)).
- type: string
- systemUUID:
- description: SystemUUID reported by the node. For unique machine
- identification MachineID is preferred. This field is specific
- to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid
- type: string
- required:
- - architecture
- - bootID
- - containerRuntimeVersion
- - kernelVersion
- - kubeProxyVersion
- - kubeletVersion
- - machineID
- - operatingSystem
- - osImage
- - systemUUID
- type: object
- nodeRef:
- description: NodeRef will point to the corresponding Node if it exists.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead of
- an entire object, this string should contain a valid JSON/Go
- field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container within
- a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that triggered
- the event) or if no container name is specified "spec.containers[2]"
- (container with index 2 in this pod). This syntax is chosen
- only to have some well-defined way of referencing a part of
- an object. TODO: this design is not final and this field is
- subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- observedGeneration:
- description: ObservedGeneration is the latest generation observed
- by the controller.
- format: int64
- type: integer
- phase:
- description: Phase represents the current phase of machine actuation.
- E.g. Pending, Running, Terminating, Failed etc.
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- controller-gen.kubebuilder.io/version: v0.10.0
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: machinesets.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: MachineSet
- listKind: MachineSetList
- plural: machinesets
- shortNames:
- - ms
- singular: machineset
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Total number of non-terminated machines targeted by this machineset
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of available machines (ready for at least minReadySeconds)
- jsonPath: .status.availableReplicas
- name: Available
- type: integer
- - description: Total number of ready machines targeted by this machineset.
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: MachineSet is the Schema for the machinesets API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSetSpec defines the desired state of MachineSet.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- deletePolicy:
- description: DeletePolicy defines the policy used to identify nodes
- to delete when downscaling. Defaults to "Random". Valid values
- are "Random, "Newest", "Oldest"
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- minReadySeconds:
- description: MinReadySeconds is the minimum number of seconds for
- which a newly created machine should be ready. Defaults to 0 (machine
- will be considered available as soon as it is ready)
- format: int32
- type: integer
- replicas:
- description: Replicas is the number of desired replicas. This is a
- pointer to distinguish between explicit zero and unspecified. Defaults
- to 1.
- format: int32
- type: integer
- selector:
- description: 'Selector is a label query over machines that should
- match the replica count. Label keys and values that must match in
- order to be controlled by this MachineSet. It must match the machine
- template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- template:
- description: Template is the object that describes the machine that
- will be created if insufficient replicas are detected. Object references
- to custom resources are treated as templates.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- generateName:
- description: "GenerateName is an optional prefix, used by
- the server, to generate a unique name ONLY IF the Name field
- has not been provided. If this field is used, the name returned
- to the client will be different than the name passed. This
- value will also be combined with a unique suffix. The provided
- value has the same validation rules as the Name field, and
- may be truncated by the length of the suffix required to
- make the value unique on the server. \n If this field is
- specified and the generated name exists, the server will
- NOT return a 409 - instead, it will either return 201 Created
- or 500 with Reason ServerTimeout indicating a unique name
- could not be found in the time allotted, and the client
- should retry (optionally after the time indicated in the
- Retry-After header). \n Applied only if Name is not specified.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#idempotency
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- name:
- description: "Name must be unique within a namespace. Is required
- when creating resources, although some resources may allow
- a client to request the generation of an appropriate name
- automatically. Name is primarily intended for creation idempotence
- and configuration definition. Cannot be updated. More info:
- http://kubernetes.io/docs/user-guide/identifiers#names \n
- Deprecated: This field has no function and is going to be
- removed in a next release."
- type: string
- namespace:
- description: "Namespace defines the space within each name
- must be unique. An empty namespace is equivalent to the
- \"default\" namespace, but \"default\" is the canonical
- representation. Not all objects are required to be scoped
- to a namespace - the value of this field for those objects
- will be empty. \n Must be a DNS_LABEL. Cannot be updated.
- More info: http://kubernetes.io/docs/user-guide/namespaces
- \n Deprecated: This field has no function and is going to
- be removed in a next release."
- type: string
- ownerReferences:
- description: "List of objects depended by this object. If
- ALL objects in the list have been deleted, this object will
- be garbage collected. If this object is managed by a controller,
- then an entry in this list will point to this controller,
- with the controller field set to true. There cannot be more
- than one managing controller. \n Deprecated: This field
- has no function and is going to be removed in a next release."
- items:
- description: OwnerReference contains enough information
- to let you identify an owning object. An owning object
- must be in the same namespace as the dependent, or be
- cluster-scoped, so there is no namespace field.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- blockOwnerDeletion:
- description: If true, AND if the owner has the "foregroundDeletion"
- finalizer, then the owner cannot be deleted from the
- key-value store until this reference is removed. See
- https://kubernetes.io/docs/concepts/architecture/garbage-collection/#foreground-deletion
- for how the garbage collector interacts with this
- field and enforces the foreground deletion. Defaults
- to false. To set this field, a user needs "delete"
- permission of the owner, otherwise 422 (Unprocessable
- Entity) will be returned.
- type: boolean
- controller:
- description: If true, this reference points to the managing
- controller.
- type: boolean
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names'
- type: string
- uid:
- description: 'UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids'
- type: string
- required:
- - apiVersion
- - kind
- - name
- - uid
- type: object
- x-kubernetes-map-type: atomic
- type: array
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.Data
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- data:
- description: "Data contains the bootstrap data, such as
- cloud-init details scripts. If nil, the Machine should
- remain in the Pending state. \n Deprecated: Switch to
- DataSecretName."
- type: string
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- type: object
- status:
- description: MachineSetStatus defines the observed state of MachineSet.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachineSet.
- format: int32
- type: integer
- failureMessage:
- type: string
- failureReason:
- description: "In the event that there is a terminal problem reconciling
- the replicas, both FailureReason and FailureMessage will be set.
- FailureReason will be populated with a succinct value suitable for
- machine interpretation, while FailureMessage will contain a more
- verbose string suitable for logging and human consumption. \n These
- fields should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the MachineTemplate's spec or the configuration of the
- machine controller, and that manual intervention is required. Examples
- of terminal errors would be invalid combinations of settings in
- the spec, values that are unsupported by the machine controller,
- or the responsible machine controller itself being critically misconfigured.
- \n Any transient errors that occur during the reconciliation of
- Machines can be added as events to the MachineSet object and/or
- logged in the controller's output."
- type: string
- fullyLabeledReplicas:
- description: The number of replicas that have labels matching the
- labels of the machine template of the MachineSet.
- format: int32
- type: integer
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed MachineSet.
- format: int64
- type: integer
- readyReplicas:
- description: The number of ready replicas for this MachineSet. A machine
- is considered ready when the node has been created and is "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Time duration since creation of MachineSet
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Total number of non-terminated machines targeted by this machineset
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of available machines (ready for at least minReadySeconds)
- jsonPath: .status.availableReplicas
- name: Available
- type: integer
- - description: Total number of ready machines targeted by this machineset.
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: MachineSet is the Schema for the machinesets API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSetSpec defines the desired state of MachineSet.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- deletePolicy:
- description: DeletePolicy defines the policy used to identify nodes
- to delete when downscaling. Defaults to "Random". Valid values
- are "Random, "Newest", "Oldest"
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- minReadySeconds:
- description: MinReadySeconds is the minimum number of seconds for
- which a newly created machine should be ready. Defaults to 0 (machine
- will be considered available as soon as it is ready)
- format: int32
- type: integer
- replicas:
- default: 1
- description: Replicas is the number of desired replicas. This is a
- pointer to distinguish between explicit zero and unspecified. Defaults
- to 1.
- format: int32
- type: integer
- selector:
- description: 'Selector is a label query over machines that should
- match the replica count. Label keys and values that must match in
- order to be controlled by this MachineSet. It must match the machine
- template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- template:
- description: Template is the object that describes the machine that
- will be created if insufficient replicas are detected. Object references
- to custom resources are treated as templates.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- type: object
- status:
- description: MachineSetStatus defines the observed state of MachineSet.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachineSet.
- format: int32
- type: integer
- conditions:
- description: Conditions defines current service state of the MachineSet.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - status
- - type
- type: object
- type: array
- failureMessage:
- type: string
- failureReason:
- description: "In the event that there is a terminal problem reconciling
- the replicas, both FailureReason and FailureMessage will be set.
- FailureReason will be populated with a succinct value suitable for
- machine interpretation, while FailureMessage will contain a more
- verbose string suitable for logging and human consumption. \n These
- fields should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the MachineTemplate's spec or the configuration of the
- machine controller, and that manual intervention is required. Examples
- of terminal errors would be invalid combinations of settings in
- the spec, values that are unsupported by the machine controller,
- or the responsible machine controller itself being critically misconfigured.
- \n Any transient errors that occur during the reconciliation of
- Machines can be added as events to the MachineSet object and/or
- logged in the controller's output."
- type: string
- fullyLabeledReplicas:
- description: The number of replicas that have labels matching the
- labels of the machine template of the MachineSet.
- format: int32
- type: integer
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed MachineSet.
- format: int64
- type: integer
- readyReplicas:
- description: The number of ready replicas for this MachineSet. A machine
- is considered ready when the node has been created and is "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- type: object
- type: object
- served: true
- storage: false
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
- - additionalPrinterColumns:
- - description: Cluster
- jsonPath: .spec.clusterName
- name: Cluster
- type: string
- - description: Total number of machines desired by this machineset
- jsonPath: .spec.replicas
- name: Desired
- priority: 10
- type: integer
- - description: Total number of non-terminated machines targeted by this machineset
- jsonPath: .status.replicas
- name: Replicas
- type: integer
- - description: Total number of ready machines targeted by this machineset.
- jsonPath: .status.readyReplicas
- name: Ready
- type: integer
- - description: Total number of available machines (ready for at least minReadySeconds)
- jsonPath: .status.availableReplicas
- name: Available
- type: integer
- - description: Time duration since creation of MachineSet
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- - description: Kubernetes version associated with this MachineSet
- jsonPath: .spec.template.spec.version
- name: Version
- type: string
- name: v1beta1
- schema:
- openAPIV3Schema:
- description: MachineSet is the Schema for the machinesets API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: MachineSetSpec defines the desired state of MachineSet.
- properties:
- clusterName:
- description: ClusterName is the name of the Cluster this object belongs
- to.
- minLength: 1
- type: string
- deletePolicy:
- description: DeletePolicy defines the policy used to identify nodes
- to delete when downscaling. Defaults to "Random". Valid values
- are "Random, "Newest", "Oldest"
- enum:
- - Random
- - Newest
- - Oldest
- type: string
- minReadySeconds:
- description: MinReadySeconds is the minimum number of seconds for
- which a newly created machine should be ready. Defaults to 0 (machine
- will be considered available as soon as it is ready)
- format: int32
- type: integer
- replicas:
- default: 1
- description: Replicas is the number of desired replicas. This is a
- pointer to distinguish between explicit zero and unspecified. Defaults
- to 1.
- format: int32
- type: integer
- selector:
- description: 'Selector is a label query over machines that should
- match the replica count. Label keys and values that must match in
- order to be controlled by this MachineSet. It must match the machine
- template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
- properties:
- matchExpressions:
- description: matchExpressions is a list of label selector requirements.
- The requirements are ANDed.
- items:
- description: A label selector requirement is a selector that
- contains values, a key, and an operator that relates the key
- and values.
- properties:
- key:
- description: key is the label key that the selector applies
- to.
- type: string
- operator:
- description: operator represents a key's relationship to
- a set of values. Valid operators are In, NotIn, Exists
- and DoesNotExist.
- type: string
- values:
- description: values is an array of string values. If the
- operator is In or NotIn, the values array must be non-empty.
- If the operator is Exists or DoesNotExist, the values
- array must be empty. This array is replaced during a strategic
- merge patch.
- items:
- type: string
- type: array
- required:
- - key
- - operator
- type: object
- type: array
- matchLabels:
- additionalProperties:
- type: string
- description: matchLabels is a map of {key,value} pairs. A single
- {key,value} in the matchLabels map is equivalent to an element
- of matchExpressions, whose key field is "key", the operator
- is "In", and the values array contains only "value". The requirements
- are ANDed.
- type: object
- type: object
- x-kubernetes-map-type: atomic
- template:
- description: Template is the object that describes the machine that
- will be created if insufficient replicas are detected. Object references
- to custom resources are treated as templates.
- properties:
- metadata:
- description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
- properties:
- annotations:
- additionalProperties:
- type: string
- description: 'Annotations is an unstructured key value map
- stored with a resource that may be set by external tools
- to store and retrieve arbitrary metadata. They are not queryable
- and should be preserved when modifying objects. More info:
- http://kubernetes.io/docs/user-guide/annotations'
- type: object
- labels:
- additionalProperties:
- type: string
- description: 'Map of string keys and values that can be used
- to organize and categorize (scope and select) objects. May
- match selectors of replication controllers and services.
- More info: http://kubernetes.io/docs/user-guide/labels'
- type: object
- type: object
- spec:
- description: 'Specification of the desired behavior of the machine.
- More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status'
- properties:
- bootstrap:
- description: Bootstrap is a reference to a local struct which
- encapsulates fields to configure the Machine’s bootstrapping
- mechanism.
- properties:
- configRef:
- description: ConfigRef is a reference to a bootstrap provider-specific
- resource that holds configuration details. The reference
- is optional to allow users/operators to specify Bootstrap.DataSecretName
- without the need of a controller.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object
- instead of an entire object, this string should
- contain a valid JSON/Go field access statement,
- such as desiredState.manifest.containers[2]. For
- example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container
- that triggered the event) or if no container name
- is specified "spec.containers[2]" (container with
- index 2 in this pod). This syntax is chosen only
- to have some well-defined way of referencing a part
- of an object. TODO: this design is not final and
- this field is subject to change in the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info:
- https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this
- reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- dataSecretName:
- description: DataSecretName is the name of the secret
- that stores the bootstrap data script. If nil, the Machine
- should remain in the Pending state.
- type: string
- type: object
- clusterName:
- description: ClusterName is the name of the Cluster this object
- belongs to.
- minLength: 1
- type: string
- failureDomain:
- description: FailureDomain is the failure domain the machine
- will be created in. Must match a key in the FailureDomains
- map stored on the cluster object.
- type: string
- infrastructureRef:
- description: InfrastructureRef is a required reference to
- a custom resource offered by an infrastructure provider.
- properties:
- apiVersion:
- description: API version of the referent.
- type: string
- fieldPath:
- description: 'If referring to a piece of an object instead
- of an entire object, this string should contain a valid
- JSON/Go field access statement, such as desiredState.manifest.containers[2].
- For example, if the object reference is to a container
- within a pod, this would take on a value like: "spec.containers{name}"
- (where "name" refers to the name of the container that
- triggered the event) or if no container name is specified
- "spec.containers[2]" (container with index 2 in this
- pod). This syntax is chosen only to have some well-defined
- way of referencing a part of an object. TODO: this design
- is not final and this field is subject to change in
- the future.'
- type: string
- kind:
- description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- name:
- description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
- type: string
- namespace:
- description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
- type: string
- resourceVersion:
- description: 'Specific resourceVersion to which this reference
- is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
- type: string
- uid:
- description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
- type: string
- type: object
- x-kubernetes-map-type: atomic
- nodeDeletionTimeout:
- description: NodeDeletionTimeout defines how long the controller
- will attempt to delete the Node that the Machine hosts after
- the Machine is marked for deletion. A duration of 0 will
- retry deletion indefinitely. Defaults to 10 seconds.
- type: string
- nodeDrainTimeout:
- description: 'NodeDrainTimeout is the total amount of time
- that the controller will spend on draining a node. The default
- value is 0, meaning that the node can be drained without
- any time limitations. NOTE: NodeDrainTimeout is different
- from `kubectl drain --timeout`'
- type: string
- nodeVolumeDetachTimeout:
- description: NodeVolumeDetachTimeout is the total amount of
- time that the controller will spend on waiting for all volumes
- to be detached. The default value is 0, meaning that the
- volumes can be detached without any time limitations.
- type: string
- providerID:
- description: ProviderID is the identification ID of the machine
- provided by the provider. This field must match the provider
- ID as seen on the node object corresponding to this machine.
- This field is required by higher level consumers of cluster-api.
- Example use case is cluster autoscaler with cluster-api
- as provider. Clean-up logic in the autoscaler compares machines
- to nodes to find out machines at provider which could not
- get registered as Kubernetes nodes. With cluster-api as
- a generic out-of-tree provider for autoscaler, this field
- is required by autoscaler to be able to have a provider
- view of the list of machines. Another list of nodes is queried
- from the k8s apiserver and then a comparison is done to
- find out unregistered machines and are marked for delete.
- This field will be set by the actuators and consumed by
- higher level entities like autoscaler that will be interfacing
- with cluster-api as generic provider.
- type: string
- version:
- description: Version defines the desired Kubernetes version.
- This field is meant to be optionally used by bootstrap providers.
- type: string
- required:
- - bootstrap
- - clusterName
- - infrastructureRef
- type: object
- type: object
- required:
- - clusterName
- - selector
- type: object
- status:
- description: MachineSetStatus defines the observed state of MachineSet.
- properties:
- availableReplicas:
- description: The number of available replicas (ready for at least
- minReadySeconds) for this MachineSet.
- format: int32
- type: integer
- conditions:
- description: Conditions defines current service state of the MachineSet.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- type: string
- failureReason:
- description: "In the event that there is a terminal problem reconciling
- the replicas, both FailureReason and FailureMessage will be set.
- FailureReason will be populated with a succinct value suitable for
- machine interpretation, while FailureMessage will contain a more
- verbose string suitable for logging and human consumption. \n These
- fields should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the MachineTemplate's spec or the configuration of the
- machine controller, and that manual intervention is required. Examples
- of terminal errors would be invalid combinations of settings in
- the spec, values that are unsupported by the machine controller,
- or the responsible machine controller itself being critically misconfigured.
- \n Any transient errors that occur during the reconciliation of
- Machines can be added as events to the MachineSet object and/or
- logged in the controller's output."
- type: string
- fullyLabeledReplicas:
- description: The number of replicas that have labels matching the
- labels of the machine template of the MachineSet.
- format: int32
- type: integer
- observedGeneration:
- description: ObservedGeneration reflects the generation of the most
- recently observed MachineSet.
- format: int64
- type: integer
- readyReplicas:
- description: The number of ready replicas for this MachineSet. A machine
- is considered ready when the node has been created and is "Ready".
- format: int32
- type: integer
- replicas:
- description: Replicas is the most recently observed number of replicas.
- format: int32
- type: integer
- selector:
- description: 'Selector is the same as the label selector but in the
- string format to avoid introspection by clients. The string will
- be in the same format as the query-param syntax. More info about
- label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- scale:
- labelSelectorPath: .status.selector
- specReplicasPath: .spec.replicas
- statusReplicasPath: .status.replicas
- status: {}
-status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: null
- storedVersions: null
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-manager
- namespace: capi-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-leader-election-role
- namespace: capi-system
-rules:
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
----
-aggregationRule:
- clusterRoleSelectors:
- - matchLabels:
- cluster.x-k8s.io/aggregate-to-manager: "true"
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-system-capi-aggregated-manager-role
-rules: []
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- cluster.x-k8s.io/aggregate-to-manager: "true"
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-system-capi-manager-role
-rules:
-- apiGroups:
- - ""
- resources:
- - namespaces
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - addons.cluster.x-k8s.io
- resources:
- - '*'
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - addons.cluster.x-k8s.io
- resources:
- - clusterresourcesets/finalizers
- - clusterresourcesets/status
- verbs:
- - get
- - patch
- - update
-- apiGroups:
- - apiextensions.k8s.io
- resources:
- - customresourcedefinitions
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - bootstrap.cluster.x-k8s.io
- - controlplane.cluster.x-k8s.io
- - infrastructure.cluster.x-k8s.io
- resources:
- - '*'
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - bootstrap.cluster.x-k8s.io
- - infrastructure.cluster.x-k8s.io
- resources:
- - '*'
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusterclasses
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusterclasses
- - clusterclasses/status
- verbs:
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- - clusters/finalizers
- - clusters/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- - clusters/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinedeployments
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinedeployments
- - machinedeployments/finalizers
- verbs:
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinedeployments
- - machinedeployments/finalizers
- - machinedeployments/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinehealthchecks
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinehealthchecks
- - machinehealthchecks/finalizers
- - machinehealthchecks/status
- verbs:
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinepools
- - machinepools/finalizers
- - machinepools/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machines
- - machines/finalizers
- - machines/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machines
- - machines/status
- verbs:
- - delete
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinesets
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinesets
- - machinesets/finalizers
- verbs:
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machinesets
- - machinesets/finalizers
- - machinesets/status
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - list
- - patch
- - watch
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - get
- - list
- - patch
- - watch
-- apiGroups:
- - ""
- resources:
- - nodes
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - ""
- resources:
- - secrets
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - watch
-- apiGroups:
- - ipam.cluster.x-k8s.io
- resources:
- - ipaddressclaims
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - runtime.cluster.x-k8s.io
- resources:
- - extensionconfigs
- - extensionconfigs/status
- verbs:
- - get
- - list
- - patch
- - update
- - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-leader-election-rolebinding
- namespace: capi-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: capi-leader-election-role
-subjects:
-- kind: ServiceAccount
- name: capi-manager
- namespace: capi-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-system-capi-manager-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: capi-system-capi-aggregated-manager-role
-subjects:
-- kind: ServiceAccount
- name: capi-manager
- namespace: capi-system
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-webhook-service
- namespace: capi-system
-spec:
- ports:
- - port: 443
- targetPort: webhook-server
- selector:
- cluster.x-k8s.io/provider: cluster-api
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- control-plane: controller-manager
- name: capi-controller-manager
- namespace: capi-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- cluster.x-k8s.io/provider: cluster-api
- control-plane: controller-manager
- strategy: {}
- template:
- metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- control-plane: controller-manager
- spec:
- containers:
- - args:
- - --leader-elect
- - --metrics-bind-addr=localhost:8080
- - --feature-gates=MachinePool=false,ClusterResourceSet=true,ClusterTopology=true,RuntimeSDK=false
- command:
- - /manager
- env:
- - name: POD_NAMESPACE
- valueFrom:
- fieldRef:
- fieldPath: metadata.namespace
- - name: POD_NAME
- valueFrom:
- fieldRef:
- fieldPath: metadata.name
- - name: POD_UID
- valueFrom:
- fieldRef:
- fieldPath: metadata.uid
- image: registry.k8s.io/cluster-api/cluster-api-controller:v1.3.0
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9443
- name: webhook-server
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- resources: {}
- volumeMounts:
- - mountPath: /tmp/k8s-webhook-server/serving-certs
- name: cert
- readOnly: true
- serviceAccountName: capi-manager
- terminationGracePeriodSeconds: 10
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
- - effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
- volumes:
- - name: cert
- secret:
- secretName: capi-webhook-service-cert
-status: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-serving-cert
- namespace: capi-system
-spec:
- dnsNames:
- - capi-webhook-service.capi-system.svc
- - capi-webhook-service.capi-system.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: capi-selfsigned-issuer
- secretName: capi-webhook-service-cert
- subject:
- organizations:
- - k8s-sig-cluster-lifecycle
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-selfsigned-issuer
- namespace: capi-system
-spec:
- selfSigned: {}
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-mutating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-machine
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.machine.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machines
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-machinedeployment
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.machinedeployment.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinedeployments
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-machinehealthcheck
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.machinehealthcheck.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinehealthchecks
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-machineset
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.machineset.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinesets
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-cluster
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.cluster.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - clusters
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-clusterclass
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.clusterclass.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - clusterclasses
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.extensionconfig.runtime.addons.cluster.x-k8s.io
- rules:
- - apiGroups:
- - runtime.cluster.x-k8s.io
- apiVersions:
- - v1alpha1
- operations:
- - CREATE
- - UPDATE
- resources:
- - extensionconfigs
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-cluster-x-k8s-io-v1beta1-machinepool
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.machinepool.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinepools
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.clusterresourceset.addons.cluster.x-k8s.io
- rules:
- - apiGroups:
- - addons.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - clusterresourcesets
- sideEffects: None
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capi-system/capi-serving-cert
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: cluster-api
- clusterctl.cluster.x-k8s.io: ""
- name: capi-validating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-machine
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.machine.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machines
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-machinedeployment
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.machinedeployment.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinedeployments
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-machinehealthcheck
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.machinehealthcheck.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinehealthchecks
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-machineset
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.machineset.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinesets
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-cluster
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.cluster.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- - DELETE
- resources:
- - clusters
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-clusterclass
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.clusterclass.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- - DELETE
- resources:
- - clusterclasses
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.extensionconfig.runtime.cluster.x-k8s.io
- rules:
- - apiGroups:
- - runtime.cluster.x-k8s.io
- apiVersions:
- - v1alpha1
- operations:
- - CREATE
- - UPDATE
- resources:
- - extensionconfigs
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-cluster-x-k8s-io-v1beta1-machinepool
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.machinepool.cluster.x-k8s.io
- rules:
- - apiGroups:
- - cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - machinepools
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.clusterresourceset.addons.cluster.x-k8s.io
- rules:
- - apiGroups:
- - addons.cluster.x-k8s.io
- apiVersions:
- - v1beta1
- operations:
- - CREATE
- - UPDATE
- resources:
- - clusterresourcesets
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddress
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.ipaddress.ipam.cluster.x-k8s.io
- rules:
- - apiGroups:
- - ipam.cluster.x-k8s.io
- apiVersions:
- - v1alpha1
- operations:
- - CREATE
- - UPDATE
- - DELETE
- resources:
- - ipaddresses
- sideEffects: None
-- admissionReviewVersions:
- - v1
- - v1beta1
- clientConfig:
- service:
- name: capi-webhook-service
- namespace: capi-system
- path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddressclaim
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.ipaddressclaim.ipam.cluster.x-k8s.io
- rules:
- - apiGroups:
- - ipam.cluster.x-k8s.io
- apiVersions:
- - v1alpha1
- operations:
- - CREATE
- - UPDATE
- - DELETE
- resources:
- - ipaddressclaims
- sideEffects: None
diff --git a/atmosphere/operator/manifests/capi-provider.yml b/atmosphere/operator/manifests/capi-provider.yml
deleted file mode 100644
index 56c0eb7..0000000
--- a/atmosphere/operator/manifests/capi-provider.yml
+++ /dev/null
@@ -1,12126 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-system
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- controller-gen.kubebuilder.io/version: v0.9.2
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1beta1: v1alpha4_v1alpha5_v1alpha6
- name: openstackclusters.infrastructure.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: infrastructure.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: OpenStackCluster
- listKind: OpenStackClusterList
- plural: openstackclusters
- shortNames:
- - osc
- singular: openstackcluster
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackCluster belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: Cluster infrastructure is ready for OpenStack instances
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: Network the cluster is using
- jsonPath: .status.network.id
- name: Network
- type: string
- - description: Subnet the cluster is using
- jsonPath: .status.network.subnet.id
- name: Subnet
- type: string
- - description: API Endpoint
- jsonPath: .spec.controlPlaneEndpoint.host
- name: Endpoint
- priority: 1
- type: string
- - description: Bastion floating IP
- jsonPath: .status.bastion.floatingIP
- name: Bastion
- type: string
- - description: Time duration since creation of OpenStackCluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: OpenStackCluster is the Schema for the openstackclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterSpec defines the desired state of OpenStackCluster.
- properties:
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will be associated
- to the APIServer. The floatingIP will be created if it not already
- exists.
- type: string
- apiServerLoadBalancerAdditionalPorts:
- description: APIServerLoadBalancerAdditionalPorts adds additional
- ports to the APIServerLoadBalancer
- items:
- type: integer
- type: array
- apiServerPort:
- description: APIServerPort is the port on which the listener on the
- APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the nodes
- \n As a rolling update is not ideal during a bastion host session,
- we prevent changes to a running bastion configuration. Set `enabled:
- false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- cloudsSecret:
- description: The name of the secret containing the openstack
- credentials
- properties:
- name:
- description: name is unique within a namespace to reference
- a secret resource.
- type: string
- namespace:
- description: namespace defines the space within which
- the secret name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify the networks parameter, the server attaches
- to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIp:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: The UUID of the network. Required
- if you omit the port attribute.
- type: string
- type: object
- type: array
- uuid:
- description: The UUID of the network. Required if you
- omit the port attribute.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- userDataSecret:
- description: The name of the secret containing the user data
- (startup script in most cases)
- properties:
- name:
- description: name is unique within a namespace to reference
- a secret resource.
- type: string
- namespace:
- description: namespace defines the space within which
- the secret name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- cloudsSecret:
- description: The name of the secret containing the openstack credentials
- properties:
- name:
- description: name is unique within a namespace to reference a
- secret resource.
- type: string
- namespace:
- description: namespace defines the space within which the secret
- name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy control
- plane to
- items:
- type: string
- type: array
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- disablePortSecurity:
- description: DisablePortSecurity disables the port security of the
- network created for the Kubernetes cluster, which also disables
- SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for OpenStack
- Subnet being created. Set this value when you need create a new
- network/subnet while the access through DNS is required.
- items:
- type: string
- type: array
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs on the respective
- subnets. This is necessary if the router needs a fixed ip in a specific
- subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used for the
- Gateway of this router
- properties:
- filter:
- description: Filters for optional network query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: The UUID of the network. Required if you omit
- the port attribute.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- managedAPIServerLoadBalancer:
- description: 'ManagedAPIServerLoadBalancer defines whether a LoadBalancer
- for the APIServer should be created. If set to true the following
- properties are mandatory: APIServerFloatingIP, APIServerPort'
- type: boolean
- managedSecurityGroups:
- description: 'ManagedSecurityGroups defines that kubernetes manages
- the OpenStack security groups for now, that means that we''ll create
- security group allows traffic to/from machines belonging to that
- group based on Calico CNI plugin default network requirements: BGP
- and IP-in-IP for master node(s) and worker node(s) respectively.
- In the future, we could make this more flexible.'
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing network.
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created. Cluster
- actuator will create a network, a subnet with NodeCIDR, and a router
- connected to this subnet. If you leave this empty, no network will
- be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- useOctavia:
- description: UseOctavia is weather LoadBalancer Service is Octavia
- or not
- type: boolean
- type: object
- status:
- description: OpenStackClusterStatus defines the observed state of OpenStackCluster.
- properties:
- bastion:
- properties:
- configDrive:
- type: boolean
- failureDomain:
- type: string
- flavor:
- type: string
- floatingIP:
- type: string
- id:
- type: string
- image:
- type: string
- ip:
- type: string
- metadata:
- additionalProperties:
- type: string
- type: object
- name:
- type: string
- networks:
- items:
- description: Network represents basic information about the
- associated OpenStach Neutron Network.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer,
- because this field is optional and therefore not set in
- all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- router:
- description: Router represents basic information about the
- associated OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the
- associated OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- type: array
- rootVolume:
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securigyGroups:
- items:
- type: string
- type: array
- serverGroupID:
- type: string
- sshKeyName:
- type: string
- state:
- description: InstanceState describes the state of an OpenStack
- instance.
- type: string
- subnet:
- type: string
- tags:
- items:
- type: string
- type: array
- trunk:
- type: boolean
- userData:
- type: string
- type: object
- bastionSecurityGroup:
- description: SecurityGroup represents the basic information of the
- associated OpenStack Neutron Security Group.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- controlPlaneSecurityGroup:
- description: 'ControlPlaneSecurityGroups contains all the information
- about the OpenStack Security Group that needs to be applied to control
- plane nodes. TODO: Maybe instead of two properties, we add a property
- to the group?'
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- externalNetwork:
- description: External Network contains information about the created
- OpenStack external network.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains represent OpenStack availability zones
- type: object
- network:
- description: Network contains all information about the created OpenStack
- Network. It includes Subnets and Router.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- ready:
- type: boolean
- workerSecurityGroup:
- description: WorkerSecurityGroup contains all the information about
- the OpenStack Security Group that needs to be applied to worker
- nodes.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- required:
- - ready
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackCluster belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: Cluster infrastructure is ready for OpenStack instances
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: Network the cluster is using
- jsonPath: .status.network.id
- name: Network
- type: string
- - description: Subnet the cluster is using
- jsonPath: .status.network.subnet.id
- name: Subnet
- type: string
- - description: API Endpoint
- jsonPath: .spec.controlPlaneEndpoint.host
- name: Endpoint
- priority: 1
- type: string
- - description: Bastion address for breakglass access
- jsonPath: .status.bastion.floatingIP
- name: Bastion IP
- type: string
- - description: Time duration since creation of OpenStackCluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: OpenStackCluster is the Schema for the openstackclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterSpec defines the desired state of OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed security
- groups are in use. If set to true, the rules for the managed security
- groups are configured so that all ingress and egress between cluster
- nodes is permitted, allowing CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be associated
- with the API server. In the case where the API server has a floating
- IP but not a managed load balancer, this field is not used. If a
- managed load balancer is used and this field is not specified, a
- fixed IP will be dynamically allocated for the load balancer. If
- a managed load balancer is not used AND the API server floating
- IP is disabled, this field MUST be specified and should correspond
- to a pre-allocated port that holds the fixed IP to be used as a
- VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will be associated
- with the API server. The floatingIP will be created if it does not
- already exist. If not specified, a new floatingIP is allocated.
- This field is not used if DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancerAdditionalPorts:
- description: APIServerLoadBalancerAdditionalPorts adds additional
- ports to the APIServerLoadBalancer
- items:
- type: integer
- type: array
- apiServerPort:
- description: APIServerPort is the port on which the listener on the
- APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the nodes
- \n As a rolling update is not ideal during a bastion host session,
- we prevent changes to a running bastion configuration. Set `enabled:
- false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to
- create the port. If unspecified, create the port on
- the default cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy control
- plane to
- items:
- type: string
- type: array
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether or not
- to attempt to attach a floating IP to the API server. This allows
- for the creation of clusters when attaching a floating IP to the
- API server (and hence, in many cases, exposing the API server to
- the internet) is not possible or desirable, e.g. if using a shared
- VLAN for communication between management and workload clusters
- or when the management cluster is inside the project network. This
- option requires that the API server use a VIP on the cluster network
- so that the underlying machines can change without changing ControlPlaneEndpoint.Host.
- When using a managed load balancer, this VIP will be managed automatically.
- If not using a managed load balancer, cluster configuration will
- fail without additional configuration to manage the VIP on the control
- plane machines, which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security of the
- network created for the Kubernetes cluster, which also disables
- SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for OpenStack
- Subnet being created. Set this value when you need create a new
- network/subnet while the access through DNS is required.
- items:
- type: string
- type: array
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs on the respective
- subnets. This is necessary if the router needs a fixed ip in a specific
- subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used for the
- Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified this
- will not be validated prior to server creation. If specified,
- the enclosing `NetworkParam` must also be specified by
- UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedAPIServerLoadBalancer:
- description: ManagedAPIServerLoadBalancer defines whether a LoadBalancer
- for the APIServer should be created.
- type: boolean
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack security
- groups for the cluster will be managed by the OpenStack provider
- or whether pre-existing security groups will be specified as part
- of the configuration. By default, the managed security groups have
- rules that allow the Kubelet, etcd, the Kubernetes API server and
- the Calico CNI plugin to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing network.
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created. Cluster
- actuator will create a network, a subnet with NodeCIDR, and a router
- connected to this subnet. If you leave this empty, no network will
- be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- type: object
- status:
- description: OpenStackClusterStatus defines the observed state of OpenStackCluster.
- properties:
- bastion:
- properties:
- configDrive:
- type: boolean
- failureDomain:
- type: string
- flavor:
- type: string
- floatingIP:
- type: string
- id:
- type: string
- image:
- type: string
- ip:
- type: string
- metadata:
- additionalProperties:
- type: string
- type: object
- name:
- type: string
- networks:
- items:
- description: Network represents basic information about an OpenStack
- Neutron Network associated with an instance's port.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer,
- because this field is optional and therefore not set in
- all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to
- create the port. If unspecified, create the port on
- the default cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the
- associated OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the
- associated OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- type: array
- rootVolume:
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securigyGroups:
- items:
- type: string
- type: array
- serverGroupID:
- type: string
- sshKeyName:
- type: string
- state:
- description: InstanceState describes the state of an OpenStack
- instance.
- type: string
- subnet:
- type: string
- tags:
- items:
- type: string
- type: array
- trunk:
- type: boolean
- userData:
- type: string
- type: object
- bastionSecurityGroup:
- description: SecurityGroup represents the basic information of the
- associated OpenStack Neutron Security Group.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- controlPlaneSecurityGroup:
- description: 'ControlPlaneSecurityGroups contains all the information
- about the OpenStack Security Group that needs to be applied to control
- plane nodes. TODO: Maybe instead of two properties, we add a property
- to the group?'
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- externalNetwork:
- description: External Network contains information about the created
- OpenStack external network.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to create
- the port. If unspecified, create the port on the default
- cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains represent OpenStack availability zones
- type: object
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a more verbose string suitable for logging and human consumption.
- \n This field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the OpenStackCluster's spec or the configuration of the
- controller, and that manual intervention is required. Examples of
- terminal errors would be invalid combinations of settings in the
- spec, values that are unsupported by the controller, or the responsible
- controller itself being critically misconfigured. \n Any transient
- errors that occur during the reconciliation of OpenStackClusters
- can be added as events to the OpenStackCluster object and/or logged
- in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a succinct value suitable for machine interpretation. \n This field
- should not be set for transitive errors that a controller faces
- that are expected to be fixed automatically over time (like service
- outages), but instead indicate that something is fundamentally wrong
- with the OpenStackCluster's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of OpenStackClusters can be added
- as events to the OpenStackCluster object and/or logged in the controller's
- output."
- type: string
- network:
- description: Network contains all information about the created OpenStack
- Network. It includes Subnets and Router.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to create
- the port. If unspecified, create the port on the default
- cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- ready:
- type: boolean
- workerSecurityGroup:
- description: WorkerSecurityGroup contains all the information about
- the OpenStack Security Group that needs to be applied to worker
- nodes.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- required:
- - ready
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackCluster belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: Cluster infrastructure is ready for OpenStack instances
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: Network the cluster is using
- jsonPath: .status.network.id
- name: Network
- type: string
- - description: Subnet the cluster is using
- jsonPath: .status.network.subnet.id
- name: Subnet
- type: string
- - description: API Endpoint
- jsonPath: .spec.controlPlaneEndpoint.host
- name: Endpoint
- priority: 1
- type: string
- - description: Bastion address for breakglass access
- jsonPath: .status.bastion.floatingIP
- name: Bastion IP
- type: string
- - description: Time duration since creation of OpenStackCluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha5
- schema:
- openAPIV3Schema:
- description: OpenStackCluster is the Schema for the openstackclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterSpec defines the desired state of OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed security
- groups are in use. If set to true, the rules for the managed security
- groups are configured so that all ingress and egress between cluster
- nodes is permitted, allowing CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be associated
- with the API server. In the case where the API server has a floating
- IP but not a managed load balancer, this field is not used. If a
- managed load balancer is used and this field is not specified, a
- fixed IP will be dynamically allocated for the load balancer. If
- a managed load balancer is not used AND the API server floating
- IP is disabled, this field MUST be specified and should correspond
- to a pre-allocated port that holds the fixed IP to be used as a
- VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will be associated
- with the API server. The floatingIP will be created if it does not
- already exist. If not specified, a new floatingIP is allocated.
- This field is not used if DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancer:
- description: 'APIServerLoadBalancer configures the optional LoadBalancer
- for the APIServer. It must be activated by setting `enabled: true`.'
- properties:
- additionalPorts:
- description: AdditionalPorts adds additional tcp ports to the
- load balancer.
- items:
- type: integer
- type: array
- allowedCidrs:
- description: AllowedCIDRs restrict access to all API-Server listeners
- to the given address CIDRs.
- items:
- type: string
- type: array
- enabled:
- description: Enabled defines whether a load balancer should be
- created.
- type: boolean
- type: object
- apiServerPort:
- description: APIServerPort is the port on which the listener on the
- APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the nodes
- \n As a rolling update is not ideal during a bastion host session,
- we prevent changes to a running bastion configuration. Set `enabled:
- false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server
- instance. if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy control
- plane to
- items:
- type: string
- type: array
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether or not
- to attempt to attach a floating IP to the API server. This allows
- for the creation of clusters when attaching a floating IP to the
- API server (and hence, in many cases, exposing the API server to
- the internet) is not possible or desirable, e.g. if using a shared
- VLAN for communication between management and workload clusters
- or when the management cluster is inside the project network. This
- option requires that the API server use a VIP on the cluster network
- so that the underlying machines can change without changing ControlPlaneEndpoint.Host.
- When using a managed load balancer, this VIP will be managed automatically.
- If not using a managed load balancer, cluster configuration will
- fail without additional configuration to manage the VIP on the control
- plane machines, which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security of the
- network created for the Kubernetes cluster, which also disables
- SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for OpenStack
- Subnet being created. Set this value when you need create a new
- network/subnet while the access through DNS is required.
- items:
- type: string
- type: array
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs on the respective
- subnets. This is necessary if the router needs a fixed ip in a specific
- subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used for the
- Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified this
- will not be validated prior to server creation. If specified,
- the enclosing `NetworkParam` must also be specified by
- UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack security
- groups for the cluster will be managed by the OpenStack provider
- or whether pre-existing security groups will be specified as part
- of the configuration. By default, the managed security groups have
- rules that allow the Kubelet, etcd, the Kubernetes API server and
- the Calico CNI plugin to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created. Cluster
- actuator will create a network, a subnet with NodeCIDR, and a router
- connected to this subnet. If you leave this empty, no network will
- be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- type: object
- status:
- description: OpenStackClusterStatus defines the observed state of OpenStackCluster.
- properties:
- bastion:
- properties:
- configDrive:
- type: boolean
- failureDomain:
- type: string
- flavor:
- type: string
- floatingIP:
- type: string
- id:
- type: string
- image:
- type: string
- imageUUID:
- type: string
- ip:
- type: string
- metadata:
- additionalProperties:
- type: string
- type: object
- name:
- type: string
- networks:
- items:
- description: Network represents basic information about an OpenStack
- Neutron Network associated with an instance's port.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer,
- because this field is optional and therefore not set in
- all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the
- associated OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the
- associated OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- type: array
- rootVolume:
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securigyGroups:
- items:
- type: string
- type: array
- serverGroupID:
- type: string
- sshKeyName:
- type: string
- state:
- description: InstanceState describes the state of an OpenStack
- instance.
- type: string
- subnet:
- type: string
- tags:
- items:
- type: string
- type: array
- trunk:
- type: boolean
- userData:
- type: string
- type: object
- bastionSecurityGroup:
- description: SecurityGroup represents the basic information of the
- associated OpenStack Neutron Security Group.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- controlPlaneSecurityGroup:
- description: 'ControlPlaneSecurityGroups contains all the information
- about the OpenStack Security Group that needs to be applied to control
- plane nodes. TODO: Maybe instead of two properties, we add a property
- to the group?'
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- externalNetwork:
- description: External Network contains information about the created
- OpenStack external network.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed
- IP of a port in. This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to
- the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains represent OpenStack availability zones
- type: object
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a more verbose string suitable for logging and human consumption.
- \n This field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the OpenStackCluster's spec or the configuration of the
- controller, and that manual intervention is required. Examples of
- terminal errors would be invalid combinations of settings in the
- spec, values that are unsupported by the controller, or the responsible
- controller itself being critically misconfigured. \n Any transient
- errors that occur during the reconciliation of OpenStackClusters
- can be added as events to the OpenStackCluster object and/or logged
- in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a succinct value suitable for machine interpretation. \n This field
- should not be set for transitive errors that a controller faces
- that are expected to be fixed automatically over time (like service
- outages), but instead indicate that something is fundamentally wrong
- with the OpenStackCluster's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of OpenStackClusters can be added
- as events to the OpenStackCluster object and/or logged in the controller's
- output."
- type: string
- network:
- description: Network contains all information about the created OpenStack
- Network. It includes Subnets and Router.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed
- IP of a port in. This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to
- the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- ready:
- type: boolean
- workerSecurityGroup:
- description: WorkerSecurityGroup contains all the information about
- the OpenStack Security Group that needs to be applied to worker
- nodes.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- required:
- - ready
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackCluster belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: Cluster infrastructure is ready for OpenStack instances
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: Network the cluster is using
- jsonPath: .status.network.id
- name: Network
- type: string
- - description: Subnet the cluster is using
- jsonPath: .status.network.subnet.id
- name: Subnet
- type: string
- - description: API Endpoint
- jsonPath: .spec.controlPlaneEndpoint.host
- name: Endpoint
- priority: 1
- type: string
- - description: Bastion address for breakglass access
- jsonPath: .status.bastion.floatingIP
- name: Bastion IP
- type: string
- - description: Time duration since creation of OpenStackCluster
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha6
- schema:
- openAPIV3Schema:
- description: OpenStackCluster is the Schema for the openstackclusters API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterSpec defines the desired state of OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed security
- groups are in use. If set to true, the rules for the managed security
- groups are configured so that all ingress and egress between cluster
- nodes is permitted, allowing CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be associated
- with the API server. In the case where the API server has a floating
- IP but not a managed load balancer, this field is not used. If a
- managed load balancer is used and this field is not specified, a
- fixed IP will be dynamically allocated for the load balancer. If
- a managed load balancer is not used AND the API server floating
- IP is disabled, this field MUST be specified and should correspond
- to a pre-allocated port that holds the fixed IP to be used as a
- VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will be associated
- with the API server. The floatingIP will be created if it does not
- already exist. If not specified, a new floatingIP is allocated.
- This field is not used if DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancer:
- description: 'APIServerLoadBalancer configures the optional LoadBalancer
- for the APIServer. It must be activated by setting `enabled: true`.'
- properties:
- additionalPorts:
- description: AdditionalPorts adds additional tcp ports to the
- load balancer.
- items:
- type: integer
- type: array
- allowedCidrs:
- description: AllowedCIDRs restrict access to all API-Server listeners
- to the given address CIDRs.
- items:
- type: string
- type: array
- enabled:
- description: Enabled defines whether a load balancer should be
- created.
- type: boolean
- type: object
- apiServerPort:
- description: APIServerPort is the port on which the listener on the
- APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the nodes
- \n As a rolling update is not ideal during a bastion host session,
- we prevent changes to a running bastion configuration. Set `enabled:
- false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server
- instance. if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy control
- plane to
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint used to
- communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- controlPlaneOmitAvailabilityZone:
- description: Indicates whether to omit the az for control plane nodes,
- allowing the Nova scheduler to make a decision on which az to use
- based on other scheduling constraints
- type: boolean
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether or not
- to attempt to attach a floating IP to the API server. This allows
- for the creation of clusters when attaching a floating IP to the
- API server (and hence, in many cases, exposing the API server to
- the internet) is not possible or desirable, e.g. if using a shared
- VLAN for communication between management and workload clusters
- or when the management cluster is inside the project network. This
- option requires that the API server use a VIP on the cluster network
- so that the underlying machines can change without changing ControlPlaneEndpoint.Host.
- When using a managed load balancer, this VIP will be managed automatically.
- If not using a managed load balancer, cluster configuration will
- fail without additional configuration to manage the VIP on the control
- plane machines, which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security of the
- network created for the Kubernetes cluster, which also disables
- SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for OpenStack
- Subnet being created. Set this value when you need create a new
- network/subnet while the access through DNS is required.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs on the respective
- subnets. This is necessary if the router needs a fixed ip in a specific
- subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used for the
- Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified this
- will not be validated prior to server creation. If specified,
- the enclosing `NetworkParam` must also be specified by
- UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack security
- groups for the cluster will be managed by the OpenStack provider
- or whether pre-existing security groups will be specified as part
- of the configuration. By default, the managed security groups have
- rules that allow the Kubelet, etcd, the Kubernetes API server and
- the Calico CNI plugin to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created. Cluster
- actuator will create a network, a subnet with NodeCIDR, and a router
- connected to this subnet. If you leave this empty, no network will
- be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to detect
- an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- type: object
- status:
- description: OpenStackClusterStatus defines the observed state of OpenStackCluster.
- properties:
- bastion:
- properties:
- configDrive:
- type: boolean
- failureDomain:
- type: string
- flavor:
- type: string
- floatingIP:
- type: string
- id:
- type: string
- image:
- type: string
- imageUUID:
- type: string
- ip:
- type: string
- metadata:
- additionalProperties:
- type: string
- type: object
- name:
- type: string
- networks:
- items:
- description: Network represents basic information about an OpenStack
- Neutron Network associated with an instance's port.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer,
- because this field is optional and therefore not set in
- all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the
- associated OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the
- associated OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- type: array
- rootVolume:
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securigyGroups:
- items:
- type: string
- type: array
- serverGroupID:
- type: string
- sshKeyName:
- type: string
- state:
- description: InstanceState describes the state of an OpenStack
- instance.
- type: string
- subnet:
- type: string
- tags:
- items:
- type: string
- type: array
- trunk:
- type: boolean
- userData:
- type: string
- type: object
- bastionSecurityGroup:
- description: SecurityGroup represents the basic information of the
- associated OpenStack Neutron Security Group.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- controlPlaneSecurityGroup:
- description: 'ControlPlaneSecurityGroups contains all the information
- about the OpenStack Security Group that needs to be applied to control
- plane nodes. TODO: Maybe instead of two properties, we add a property
- to the group?'
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- externalNetwork:
- description: External Network contains information about the created
- OpenStack external network.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed
- IP of a port in. This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to
- the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- failureDomains:
- additionalProperties:
- description: FailureDomainSpec is the Schema for Cluster API failure
- domains. It allows controllers to understand how many failure
- domains a cluster can optionally span across.
- properties:
- attributes:
- additionalProperties:
- type: string
- description: Attributes is a free form map of attributes an
- infrastructure provider might use or require.
- type: object
- controlPlane:
- description: ControlPlane determines if this failure domain
- is suitable for use by control plane machines.
- type: boolean
- type: object
- description: FailureDomains represent OpenStack availability zones
- type: object
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a more verbose string suitable for logging and human consumption.
- \n This field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the OpenStackCluster's spec or the configuration of the
- controller, and that manual intervention is required. Examples of
- terminal errors would be invalid combinations of settings in the
- spec, values that are unsupported by the controller, or the responsible
- controller itself being critically misconfigured. \n Any transient
- errors that occur during the reconciliation of OpenStackClusters
- can be added as events to the OpenStackCluster object and/or logged
- in the controller's output."
- type: string
- failureReason:
- description: "FailureReason will be set in the event that there is
- a terminal problem reconciling the OpenStackCluster and will contain
- a succinct value suitable for machine interpretation. \n This field
- should not be set for transitive errors that a controller faces
- that are expected to be fixed automatically over time (like service
- outages), but instead indicate that something is fundamentally wrong
- with the OpenStackCluster's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of OpenStackClusters can be added
- as events to the OpenStackCluster object and/or logged in the controller's
- output."
- type: string
- network:
- description: Network contains all information about the created OpenStack
- Network. It includes Subnets and Router.
- properties:
- apiServerLoadBalancer:
- description: Be careful when using APIServerLoadBalancer, because
- this field is optional and therefore not set in all cases
- properties:
- allowedCIDRs:
- items:
- type: string
- type: array
- id:
- type: string
- internalIP:
- type: string
- ip:
- type: string
- name:
- type: string
- required:
- - id
- - internalIP
- - ip
- - name
- type: object
- id:
- type: string
- name:
- type: string
- port:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed
- IP of a port in. This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If
- unspecified, instead the 0-based index of the port in the
- list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to
- the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If
- not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- router:
- description: Router represents basic information about the associated
- OpenStack Neutron Router.
- properties:
- id:
- type: string
- ips:
- items:
- type: string
- type: array
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- subnet:
- description: Subnet represents basic information about the associated
- OpenStack Neutron Subnet.
- properties:
- cidr:
- type: string
- id:
- type: string
- name:
- type: string
- tags:
- items:
- type: string
- type: array
- required:
- - cidr
- - id
- - name
- type: object
- tags:
- items:
- type: string
- type: array
- required:
- - id
- - name
- type: object
- ready:
- type: boolean
- workerSecurityGroup:
- description: WorkerSecurityGroup contains all the information about
- the OpenStack Security Group that needs to be applied to worker
- nodes.
- properties:
- id:
- type: string
- name:
- type: string
- rules:
- items:
- description: SecurityGroupRule represent the basic information
- of the associated OpenStack Security Group Role.
- properties:
- description:
- type: string
- direction:
- type: string
- etherType:
- type: string
- name:
- type: string
- portRangeMax:
- type: integer
- portRangeMin:
- type: integer
- protocol:
- type: string
- remoteGroupID:
- type: string
- remoteIPPrefix:
- type: string
- securityGroupID:
- type: string
- required:
- - description
- - direction
- - etherType
- - name
- - portRangeMax
- - portRangeMin
- - protocol
- - remoteGroupID
- - remoteIPPrefix
- - securityGroupID
- type: object
- type: array
- required:
- - id
- - name
- - rules
- type: object
- required:
- - ready
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- controller-gen.kubebuilder.io/version: v0.9.2
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1beta1: v1alpha4_v1alpha5_v1alpha6
- name: openstackclustertemplates.infrastructure.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: infrastructure.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: OpenStackClusterTemplate
- listKind: OpenStackClusterTemplateList
- plural: openstackclustertemplates
- shortNames:
- - osct
- singular: openstackclustertemplate
- scope: Namespaced
- versions:
- - name: v1alpha4
- schema:
- openAPIV3Schema:
- description: OpenStackClusterTemplate is the Schema for the openstackclustertemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterTemplateSpec defines the desired state of
- OpenStackClusterTemplate.
- properties:
- template:
- description: OpenStackClusterTemplateResource describes the data needed
- to create a OpenStackCluster from a template.
- properties:
- spec:
- description: OpenStackClusterSpec defines the desired state of
- OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed
- security groups are in use. If set to true, the rules for
- the managed security groups are configured so that all ingress
- and egress between cluster nodes is permitted, allowing
- CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be
- associated with the API server. In the case where the API
- server has a floating IP but not a managed load balancer,
- this field is not used. If a managed load balancer is used
- and this field is not specified, a fixed IP will be dynamically
- allocated for the load balancer. If a managed load balancer
- is not used AND the API server floating IP is disabled,
- this field MUST be specified and should correspond to a
- pre-allocated port that holds the fixed IP to be used as
- a VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will
- be associated with the API server. The floatingIP will be
- created if it does not already exist. If not specified,
- a new floatingIP is allocated. This field is not used if
- DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancerAdditionalPorts:
- description: APIServerLoadBalancerAdditionalPorts adds additional
- ports to the APIServerLoadBalancer
- items:
- type: integer
- type: array
- apiServerPort:
- description: APIServerPort is the port on which the listener
- on the APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the
- nodes \n As a rolling update is not ideal during a bastion
- host session, we prevent changes to a running bastion configuration.
- Set `enabled: false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the
- clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for
- your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated
- to the machine, only used for master. The floatingIP
- should have been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity
- to be used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported
- by the infrastructure provider and may be either
- cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity
- to be used. Must be either a cluster-scoped
- resource, or namespaced-scoped resource the
- same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your
- server instance. If the RootVolume is specified,
- this will be ignored and use rootVolume directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance
- ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter
- when there are multiple networks defined for the
- tenant. When you do not specify both networks and
- ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet
- query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet.
- If specified this will not be validated
- prior to server creation. If specified,
- the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If
- specified this will not be validated prior
- to server creation. Required if `Subnets`
- specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does
- not already exist. When you do not specify both
- networks and ports parameters, the server attaches
- to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or
- disables the port security when set. When
- not set, it takes the value of the corresponding
- field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or
- IP address. These should be subnets of the
- network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port
- is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port
- unique. If unspecified, instead the 0-based
- index of the port in the list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on
- which to create the port. If unspecified,
- create the port on the default cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and
- receive virtual network interface (VIF) port-specific
- information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags
- are applied in addition to the instance's
- tags, which will also be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port
- level. If not provided, openStackMachine.Spec.Trunk
- is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card
- (vNIC) type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as
- specified by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign
- to the instance
- items:
- properties:
- filter:
- description: Filters used to query security
- groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine
- to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create
- a map of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this
- subnet will be marked as AccessIPv4 on the created
- compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created
- on a trunk port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy
- control plane to
- items:
- type: string
- type: array
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint
- used to communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether
- or not to attempt to attach a floating IP to the API server.
- This allows for the creation of clusters when attaching
- a floating IP to the API server (and hence, in many cases,
- exposing the API server to the internet) is not possible
- or desirable, e.g. if using a shared VLAN for communication
- between management and workload clusters or when the management
- cluster is inside the project network. This option requires
- that the API server use a VIP on the cluster network so
- that the underlying machines can change without changing
- ControlPlaneEndpoint.Host. When using a managed load balancer,
- this VIP will be managed automatically. If not using a managed
- load balancer, cluster configuration will fail without additional
- configuration to manage the VIP on the control plane machines,
- which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security
- of the network created for the Kubernetes cluster, which
- also disables SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for
- OpenStack Subnet being created. Set this value when you
- need create a new network/subnet while the access through
- DNS is required.
- items:
- type: string
- type: array
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the
- VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs
- on the respective subnets. This is necessary if the router
- needs a fixed ip in a specific subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used
- for the Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedAPIServerLoadBalancer:
- description: ManagedAPIServerLoadBalancer defines whether
- a LoadBalancer for the APIServer should be created.
- type: boolean
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack
- security groups for the cluster will be managed by the OpenStack
- provider or whether pre-existing security groups will be
- specified as part of the configuration. By default, the
- managed security groups have rules that allow the Kubelet,
- etcd, the Kubernetes API server and the Calico CNI plugin
- to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing network.
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created.
- Cluster actuator will create a network, a subnet with NodeCIDR,
- and a router connected to this subnet. If you leave this
- empty, no network will be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - name: v1alpha5
- schema:
- openAPIV3Schema:
- description: OpenStackClusterTemplate is the Schema for the openstackclustertemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterTemplateSpec defines the desired state of
- OpenStackClusterTemplate.
- properties:
- template:
- description: OpenStackClusterTemplateResource describes the data needed
- to create a OpenStackCluster from a template.
- properties:
- spec:
- description: OpenStackClusterSpec defines the desired state of
- OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed
- security groups are in use. If set to true, the rules for
- the managed security groups are configured so that all ingress
- and egress between cluster nodes is permitted, allowing
- CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be
- associated with the API server. In the case where the API
- server has a floating IP but not a managed load balancer,
- this field is not used. If a managed load balancer is used
- and this field is not specified, a fixed IP will be dynamically
- allocated for the load balancer. If a managed load balancer
- is not used AND the API server floating IP is disabled,
- this field MUST be specified and should correspond to a
- pre-allocated port that holds the fixed IP to be used as
- a VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will
- be associated with the API server. The floatingIP will be
- created if it does not already exist. If not specified,
- a new floatingIP is allocated. This field is not used if
- DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancer:
- description: 'APIServerLoadBalancer configures the optional
- LoadBalancer for the APIServer. It must be activated by
- setting `enabled: true`.'
- properties:
- additionalPorts:
- description: AdditionalPorts adds additional tcp ports
- to the load balancer.
- items:
- type: integer
- type: array
- allowedCidrs:
- description: AllowedCIDRs restrict access to all API-Server
- listeners to the given address CIDRs.
- items:
- type: string
- type: array
- enabled:
- description: Enabled defines whether a load balancer should
- be created.
- type: boolean
- type: object
- apiServerPort:
- description: APIServerPort is the port on which the listener
- on the APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the
- nodes \n As a rolling update is not ideal during a bastion
- host session, we prevent changes to a running bastion configuration.
- Set `enabled: false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the
- clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for
- your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated
- to the machine, only used for master. The floatingIP
- should have been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity
- to be used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported
- by the infrastructure provider and may be either
- cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity
- to be used. Must be either a cluster-scoped
- resource, or namespaced-scoped resource the
- same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your
- server instance. If the RootVolume is specified,
- this will be ignored and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your
- server instance. if it's empty, Image name will
- be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance
- ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter
- when there are multiple networks defined for the
- tenant. When you do not specify both networks and
- ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet
- query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet.
- If specified this will not be validated
- prior to server creation. If specified,
- the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If
- specified this will not be validated prior
- to server creation. Required if `Subnets`
- specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does
- not already exist. When you do not specify both
- networks and ports parameters, the server attaches
- to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or
- disables the port security when set. When
- not set, it takes the value of the corresponding
- field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or
- IP address. These should be subnets of the
- network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet
- query that will return the id of a subnet
- to create the fixed IP of a port in.
- This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port
- is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port
- unique. If unspecified, instead the 0-based
- index of the port in the list is used.
- type: string
- network:
- description: Network is a query for an openstack
- network that the port will be created or discovered
- on. This will fail if the query returns more
- than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and
- receive virtual network interface (VIF) port-specific
- information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any
- combination these of the security groups to
- assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security
- groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups
- to assign to the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags
- are applied in addition to the instance's
- tags, which will also be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port
- level. If not provided, openStackMachine.Spec.Trunk
- is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card
- (vNIC) type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as
- specified by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign
- to the instance
- items:
- properties:
- filter:
- description: Filters used to query security
- groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine
- to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create
- a map of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this
- subnet will be marked as AccessIPv4 on the created
- compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created
- on a trunk port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy
- control plane to
- items:
- type: string
- type: array
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint
- used to communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether
- or not to attempt to attach a floating IP to the API server.
- This allows for the creation of clusters when attaching
- a floating IP to the API server (and hence, in many cases,
- exposing the API server to the internet) is not possible
- or desirable, e.g. if using a shared VLAN for communication
- between management and workload clusters or when the management
- cluster is inside the project network. This option requires
- that the API server use a VIP on the cluster network so
- that the underlying machines can change without changing
- ControlPlaneEndpoint.Host. When using a managed load balancer,
- this VIP will be managed automatically. If not using a managed
- load balancer, cluster configuration will fail without additional
- configuration to manage the VIP on the control plane machines,
- which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security
- of the network created for the Kubernetes cluster, which
- also disables SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for
- OpenStack Subnet being created. Set this value when you
- need create a new network/subnet while the access through
- DNS is required.
- items:
- type: string
- type: array
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the
- VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs
- on the respective subnets. This is necessary if the router
- needs a fixed ip in a specific subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used
- for the Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack
- security groups for the cluster will be managed by the OpenStack
- provider or whether pre-existing security groups will be
- specified as part of the configuration. By default, the
- managed security groups have rules that allow the Kubelet,
- etcd, the Kubernetes API server and the Calico CNI plugin
- to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created.
- Cluster actuator will create a network, a subnet with NodeCIDR,
- and a router connected to this subnet. If you leave this
- empty, no network will be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - name: v1alpha6
- schema:
- openAPIV3Schema:
- description: OpenStackClusterTemplate is the Schema for the openstackclustertemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackClusterTemplateSpec defines the desired state of
- OpenStackClusterTemplate.
- properties:
- template:
- description: OpenStackClusterTemplateResource describes the data needed
- to create a OpenStackCluster from a template.
- properties:
- spec:
- description: OpenStackClusterSpec defines the desired state of
- OpenStackCluster.
- properties:
- allowAllInClusterTraffic:
- description: AllowAllInClusterTraffic is only used when managed
- security groups are in use. If set to true, the rules for
- the managed security groups are configured so that all ingress
- and egress between cluster nodes is permitted, allowing
- CNIs other than Calico to be used.
- type: boolean
- apiServerFixedIP:
- description: APIServerFixedIP is the fixed IP which will be
- associated with the API server. In the case where the API
- server has a floating IP but not a managed load balancer,
- this field is not used. If a managed load balancer is used
- and this field is not specified, a fixed IP will be dynamically
- allocated for the load balancer. If a managed load balancer
- is not used AND the API server floating IP is disabled,
- this field MUST be specified and should correspond to a
- pre-allocated port that holds the fixed IP to be used as
- a VIP.
- type: string
- apiServerFloatingIP:
- description: APIServerFloatingIP is the floatingIP which will
- be associated with the API server. The floatingIP will be
- created if it does not already exist. If not specified,
- a new floatingIP is allocated. This field is not used if
- DisableAPIServerFloatingIP is set to true.
- type: string
- apiServerLoadBalancer:
- description: 'APIServerLoadBalancer configures the optional
- LoadBalancer for the APIServer. It must be activated by
- setting `enabled: true`.'
- properties:
- additionalPorts:
- description: AdditionalPorts adds additional tcp ports
- to the load balancer.
- items:
- type: integer
- type: array
- allowedCidrs:
- description: AllowedCIDRs restrict access to all API-Server
- listeners to the given address CIDRs.
- items:
- type: string
- type: array
- enabled:
- description: Enabled defines whether a load balancer should
- be created.
- type: boolean
- type: object
- apiServerPort:
- description: APIServerPort is the port on which the listener
- on the APIServer will be created
- type: integer
- bastion:
- description: "Bastion is the OpenStack instance to login the
- nodes \n As a rolling update is not ideal during a bastion
- host session, we prevent changes to a running bastion configuration.
- Set `enabled: false` to make changes."
- properties:
- availabilityZone:
- type: string
- enabled:
- type: boolean
- instance:
- description: Instance for the bastion itself
- properties:
- cloudName:
- description: The name of the cloud to use from the
- clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for
- your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated
- to the machine, only used for master. The floatingIP
- should have been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity
- to be used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported
- by the infrastructure provider and may be either
- cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity
- to be used. Must be either a cluster-scoped
- resource, or namespaced-scoped resource the
- same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your
- server instance. If the RootVolume is specified,
- this will be ignored and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your
- server instance. if it's empty, Image name will
- be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance
- ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter
- when there are multiple networks defined for the
- tenant. When you do not specify both networks and
- ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet
- query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet.
- If specified this will not be validated
- prior to server creation. If specified,
- the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If
- specified this will not be validated prior
- to server creation. Required if `Subnets`
- specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does
- not already exist. When you do not specify both
- networks and ports parameters, the server attaches
- to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or
- disables the port security when set. When
- not set, it takes the value of the corresponding
- field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or
- IP address. These should be subnets of the
- network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet
- query that will return the id of a subnet
- to create the fixed IP of a port in.
- This query must not return more than
- one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port
- is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port
- unique. If unspecified, instead the 0-based
- index of the port in the list is used.
- type: string
- network:
- description: Network is a query for an openstack
- network that the port will be created or discovered
- on. This will fail if the query returns more
- than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and
- receive virtual network interface (VIF) port-specific
- information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any
- combination these of the security groups to
- assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security
- groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups
- to assign to the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags
- are applied in addition to the instance's
- tags, which will also be applied to the port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port
- level. If not provided, openStackMachine.Spec.Trunk
- is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card
- (vNIC) type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as
- specified by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign
- to the instance
- items:
- properties:
- filter:
- description: Filters used to query security
- groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine
- to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create
- a map of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this
- subnet will be marked as AccessIPv4 on the created
- compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- trunk:
- description: Whether the server instance is created
- on a trunk port or not.
- type: boolean
- required:
- - flavor
- type: object
- type: object
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- controlPlaneAvailabilityZones:
- description: ControlPlaneAvailabilityZones is the az to deploy
- control plane to
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- controlPlaneEndpoint:
- description: ControlPlaneEndpoint represents the endpoint
- used to communicate with the control plane.
- properties:
- host:
- description: The hostname on which the API server is serving.
- type: string
- port:
- description: The port on which the API server is serving.
- format: int32
- type: integer
- required:
- - host
- - port
- type: object
- controlPlaneOmitAvailabilityZone:
- description: Indicates whether to omit the az for control
- plane nodes, allowing the Nova scheduler to make a decision
- on which az to use based on other scheduling constraints
- type: boolean
- disableAPIServerFloatingIP:
- description: DisableAPIServerFloatingIP determines whether
- or not to attempt to attach a floating IP to the API server.
- This allows for the creation of clusters when attaching
- a floating IP to the API server (and hence, in many cases,
- exposing the API server to the internet) is not possible
- or desirable, e.g. if using a shared VLAN for communication
- between management and workload clusters or when the management
- cluster is inside the project network. This option requires
- that the API server use a VIP on the cluster network so
- that the underlying machines can change without changing
- ControlPlaneEndpoint.Host. When using a managed load balancer,
- this VIP will be managed automatically. If not using a managed
- load balancer, cluster configuration will fail without additional
- configuration to manage the VIP on the control plane machines,
- which falls outside of the scope of this controller.
- type: boolean
- disablePortSecurity:
- description: DisablePortSecurity disables the port security
- of the network created for the Kubernetes cluster, which
- also disables SecurityGroups
- type: boolean
- dnsNameservers:
- description: DNSNameservers is the list of nameservers for
- OpenStack Subnet being created. Set this value when you
- need create a new network/subnet while the access through
- DNS is required.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- externalNetworkId:
- description: ExternalNetworkID is the ID of an external OpenStack
- Network. This is necessary to get public internet to the
- VMs.
- type: string
- externalRouterIPs:
- description: ExternalRouterIPs is an array of externalIPs
- on the respective subnets. This is necessary if the router
- needs a fixed ip in a specific subnet.
- items:
- properties:
- fixedIP:
- description: The FixedIP in the corresponding subnet
- type: string
- subnet:
- description: The subnet in which the FixedIP is used
- for the Gateway of this router
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- managedSecurityGroups:
- description: ManagedSecurityGroups determines whether OpenStack
- security groups for the cluster will be managed by the OpenStack
- provider or whether pre-existing security groups will be
- specified as part of the configuration. By default, the
- managed security groups have rules that allow the Kubelet,
- etcd, the Kubernetes API server and the Calico CNI plugin
- to function correctly.
- type: boolean
- network:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- nodeCidr:
- description: NodeCIDR is the OpenStack Subnet to be created.
- Cluster actuator will create a network, a subnet with NodeCIDR,
- and a router connected to this subnet. If you leave this
- empty, no network will be created.
- type: string
- subnet:
- description: If NodeCIDR cannot be set this can be used to
- detect an existing subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- tags:
- description: Tags for all resources in cluster
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: true
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- controller-gen.kubebuilder.io/version: v0.9.2
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1beta1: v1alpha4_v1alpha5_v1alpha6
- name: openstackmachines.infrastructure.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: infrastructure.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: OpenStackMachine
- listKind: OpenStackMachineList
- plural: openstackmachines
- shortNames:
- - osm
- singular: openstackmachine
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackMachine belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: OpenStack instance state
- jsonPath: .status.instanceState
- name: InstanceState
- type: string
- - description: Machine ready status
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: OpenStack instance ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine object which owns with this OpenStackMachine
- jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
- name: Machine
- type: string
- - description: Time duration since creation of OpenStackMachine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha3
- schema:
- openAPIV3Schema:
- description: OpenStackMachine is the Schema for the openstackmachines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- cloudsSecret:
- description: The name of the secret containing the openstack credentials
- properties:
- name:
- description: name is unique within a namespace to reference a
- secret resource.
- type: string
- namespace:
- description: namespace defines the space within which the secret
- name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the machine,
- only used for master. The floatingIP should have been created and
- haven't been associated.
- type: string
- image:
- description: The name of the image to use for your server instance.
- If the RootVolume is specified, this will be ignored and use rootVolume
- directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter when there are
- multiple networks defined for the tenant. When you do not specify
- the networks parameter, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIp:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: The UUID of the network. Required if you
- omit the port attribute.
- type: string
- type: object
- type: array
- uuid:
- description: The UUID of the network. Required if you omit the
- port attribute.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified by the
- cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map of key value
- pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will be marked
- as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk port
- or not.
- type: boolean
- userDataSecret:
- description: The name of the secret containing the user data (startup
- script in most cases)
- properties:
- name:
- description: name is unique within a namespace to reference a
- secret resource.
- type: string
- namespace:
- description: namespace defines the space within which the secret
- name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - flavor
- type: object
- status:
- description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
- properties:
- addresses:
- description: Addresses contains the OpenStack instance associated
- addresses.
- items:
- description: NodeAddress contains information for the node's address.
- properties:
- address:
- description: The node address.
- type: string
- type:
- description: Node address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- conditions:
- description: Conditions provide observations of the operational state
- of a Cluster API resource.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- errorMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- errorReason:
- description: MachineStatusError defines errors states for Machine
- objects.
- type: string
- instanceState:
- description: InstanceState is the state of the OpenStack instance
- for this machine.
- type: string
- ready:
- description: Ready is true when the provider resource is ready.
- type: boolean
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackMachine belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: OpenStack instance state
- jsonPath: .status.instanceState
- name: InstanceState
- type: string
- - description: Machine ready status
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: OpenStack instance ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine object which owns with this OpenStackMachine
- jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
- name: Machine
- type: string
- - description: Time duration since creation of OpenStackMachine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha4
- schema:
- openAPIV3Schema:
- description: OpenStackMachine is the Schema for the openstackmachines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the machine,
- only used for master. The floatingIP should have been created and
- haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server instance.
- If the RootVolume is specified, this will be ignored and use rootVolume
- directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter when there are
- multiple networks defined for the tenant. When you do not specify
- both networks and ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified this
- will not be validated prior to server creation. Required if
- `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance. They are
- created if a port with the given name does not already exist. When
- you do not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If unspecified,
- instead the 0-based index of the port in the list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to create
- the port. If unspecified, create the port on the default cluster
- network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If not
- provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified by the
- cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map of key value
- pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will be marked
- as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk port
- or not.
- type: boolean
- required:
- - flavor
- type: object
- status:
- description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
- properties:
- addresses:
- description: Addresses contains the OpenStack instance associated
- addresses.
- items:
- description: NodeAddress contains information for the node's address.
- properties:
- address:
- description: The node address.
- type: string
- type:
- description: Node address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- conditions:
- description: Conditions provide observations of the operational state
- of a Cluster API resource.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- errorMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- errorReason:
- description: MachineStatusError defines errors states for Machine
- objects.
- type: string
- instanceState:
- description: InstanceState is the state of the OpenStack instance
- for this machine.
- type: string
- ready:
- description: Ready is true when the provider resource is ready.
- type: boolean
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackMachine belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: OpenStack instance state
- jsonPath: .status.instanceState
- name: InstanceState
- type: string
- - description: Machine ready status
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: OpenStack instance ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine object which owns with this OpenStackMachine
- jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
- name: Machine
- type: string
- - description: Time duration since creation of OpenStackMachine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha5
- schema:
- openAPIV3Schema:
- description: OpenStackMachine is the Schema for the openstackmachines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the machine,
- only used for master. The floatingIP should have been created and
- haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server instance.
- If the RootVolume is specified, this will be ignored and use rootVolume
- directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server instance.
- if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter when there are
- multiple networks defined for the tenant. When you do not specify
- both networks and ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified this
- will not be validated prior to server creation. Required if
- `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance. They are
- created if a port with the given name does not already exist. When
- you do not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed IP
- of a port in. This query must not return more than one
- subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If unspecified,
- instead the 0-based index of the port in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination these
- of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to the
- instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If not
- provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified by the
- cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map of key value
- pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will be marked
- as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk port
- or not.
- type: boolean
- required:
- - flavor
- type: object
- status:
- description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
- properties:
- addresses:
- description: Addresses contains the OpenStack instance associated
- addresses.
- items:
- description: NodeAddress contains information for the node's address.
- properties:
- address:
- description: The node address.
- type: string
- type:
- description: Node address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- conditions:
- description: Conditions provide observations of the operational state
- of a Cluster API resource.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- failureReason:
- description: MachineStatusError defines errors states for Machine
- objects.
- type: string
- instanceState:
- description: InstanceState is the state of the OpenStack instance
- for this machine.
- type: string
- ready:
- description: Ready is true when the provider resource is ready.
- type: boolean
- type: object
- type: object
- served: true
- storage: false
- subresources:
- status: {}
- - additionalPrinterColumns:
- - description: Cluster to which this OpenStackMachine belongs
- jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
- name: Cluster
- type: string
- - description: OpenStack instance state
- jsonPath: .status.instanceState
- name: InstanceState
- type: string
- - description: Machine ready status
- jsonPath: .status.ready
- name: Ready
- type: string
- - description: OpenStack instance ID
- jsonPath: .spec.providerID
- name: ProviderID
- type: string
- - description: Machine object which owns with this OpenStackMachine
- jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
- name: Machine
- type: string
- - description: Time duration since creation of OpenStackMachine
- jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1alpha6
- schema:
- openAPIV3Schema:
- description: OpenStackMachine is the Schema for the openstackmachines API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the machine,
- only used for master. The floatingIP should have been created and
- haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be used when
- reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by the infrastructure
- provider and may be either cluster or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be used. Must
- be either a cluster-scoped resource, or namespaced-scoped resource
- the same namespace as the resource(s) being provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server instance.
- If the RootVolume is specified, this will be ignored and use rootVolume
- directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server instance.
- if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this machine.
- type: string
- networks:
- description: A networks object. Required parameter when there are
- multiple networks defined for the tenant. When you do not specify
- both networks and ports parameters, the server attaches to the only
- network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must also
- be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified this
- will not be validated prior to server creation. Required if
- `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance. They are
- created if a port with the given name does not already exist. When
- you do not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables the port
- security when set. When not set, it takes the value of the
- corresponding field at the network level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address. These
- should be subnets of the network with the given NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query that
- will return the id of a subnet to create the fixed IP
- of a port in. This query must not return more than one
- subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique. If unspecified,
- instead the 0-based index of the port in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network that
- the port will be created or discovered on. This will fail
- if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application running
- on the specified host to pass and receive virtual network
- interface (VIF) port-specific information to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination these
- of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign to the
- instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding trunk,
- if a trunk is configured.) These tags are applied in addition
- to the instance's tags, which will also be applied to the
- port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level. If not
- provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC) type
- that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified by the
- cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map of key value
- pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will be marked
- as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- trunk:
- description: Whether the server instance is created on a trunk port
- or not.
- type: boolean
- required:
- - flavor
- type: object
- status:
- description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
- properties:
- addresses:
- description: Addresses contains the OpenStack instance associated
- addresses.
- items:
- description: NodeAddress contains information for the node's address.
- properties:
- address:
- description: The node address.
- type: string
- type:
- description: Node address type, one of Hostname, ExternalIP
- or InternalIP.
- type: string
- required:
- - address
- - type
- type: object
- type: array
- conditions:
- description: Conditions provide observations of the operational state
- of a Cluster API resource.
- items:
- description: Condition defines an observation of a Cluster API resource
- operational state.
- properties:
- lastTransitionTime:
- description: Last time the condition transitioned from one status
- to another. This should be when the underlying condition changed.
- If that is not known, then using the time when the API field
- changed is acceptable.
- format: date-time
- type: string
- message:
- description: A human readable message indicating details about
- the transition. This field may be empty.
- type: string
- reason:
- description: The reason for the condition's last transition
- in CamelCase. The specific API may choose whether or not this
- field is considered a guaranteed API. This field may not be
- empty.
- type: string
- severity:
- description: Severity provides an explicit classification of
- Reason code, so the users or machines can immediately understand
- the current situation and act accordingly. The Severity field
- MUST be set only when Status=False.
- type: string
- status:
- description: Status of the condition, one of True, False, Unknown.
- type: string
- type:
- description: Type of condition in CamelCase or in foo.example.com/CamelCase.
- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important.
- type: string
- required:
- - lastTransitionTime
- - status
- - type
- type: object
- type: array
- failureMessage:
- description: "FailureMessage will be set in the event that there is
- a terminal problem reconciling the Machine and will contain a more
- verbose string suitable for logging and human consumption. \n This
- field should not be set for transitive errors that a controller
- faces that are expected to be fixed automatically over time (like
- service outages), but instead indicate that something is fundamentally
- wrong with the Machine's spec or the configuration of the controller,
- and that manual intervention is required. Examples of terminal errors
- would be invalid combinations of settings in the spec, values that
- are unsupported by the controller, or the responsible controller
- itself being critically misconfigured. \n Any transient errors that
- occur during the reconciliation of Machines can be added as events
- to the Machine object and/or logged in the controller's output."
- type: string
- failureReason:
- description: MachineStatusError defines errors states for Machine
- objects.
- type: string
- instanceState:
- description: InstanceState is the state of the OpenStack instance
- for this machine.
- type: string
- ready:
- description: Ready is true when the provider resource is ready.
- type: boolean
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- controller-gen.kubebuilder.io/version: v0.9.2
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- cluster.x-k8s.io/v1alpha3: v1alpha3
- cluster.x-k8s.io/v1beta1: v1alpha4_v1alpha5_v1alpha6
- name: openstackmachinetemplates.infrastructure.cluster.x-k8s.io
-spec:
- conversion:
- strategy: Webhook
- webhook:
- clientConfig:
- caBundle: Cg==
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /convert
- conversionReviewVersions:
- - v1
- - v1beta1
- group: infrastructure.cluster.x-k8s.io
- names:
- categories:
- - cluster-api
- kind: OpenStackMachineTemplate
- listKind: OpenStackMachineTemplateList
- plural: openstackmachinetemplates
- shortNames:
- - osmt
- singular: openstackmachinetemplate
- scope: Namespaced
- versions:
- - name: v1alpha3
- schema:
- openAPIV3Schema:
- description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineTemplateSpec defines the desired state of
- OpenStackMachineTemplate.
- properties:
- template:
- description: OpenStackMachineTemplateResource describes the data needed
- to create a OpenStackMachine from a template.
- properties:
- spec:
- description: Spec is the specification of the desired behavior
- of the machine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- cloudsSecret:
- description: The name of the secret containing the openstack
- credentials
- properties:
- name:
- description: name is unique within a namespace to reference
- a secret resource.
- type: string
- namespace:
- description: namespace defines the space within which
- the secret name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify the networks parameter, the server attaches
- to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIp:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: The UUID of the network. Required
- if you omit the port attribute.
- type: string
- type: object
- type: array
- uuid:
- description: The UUID of the network. Required if you
- omit the port attribute.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- userDataSecret:
- description: The name of the secret containing the user data
- (startup script in most cases)
- properties:
- name:
- description: name is unique within a namespace to reference
- a secret resource.
- type: string
- namespace:
- description: namespace defines the space within which
- the secret name must be unique.
- type: string
- type: object
- x-kubernetes-map-type: atomic
- required:
- - flavor
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - name: v1alpha4
- schema:
- openAPIV3Schema:
- description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineTemplateSpec defines the desired state of
- OpenStackMachineTemplate.
- properties:
- template:
- description: OpenStackMachineTemplateResource describes the data needed
- to create a OpenStackMachine from a template.
- properties:
- spec:
- description: Spec is the specification of the desired behavior
- of the machine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- adminStateUp:
- type: boolean
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- shared:
- type: boolean
- sortDir:
- type: string
- sortKey:
- type: string
- status:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- enableDhcp:
- type: boolean
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- networkId:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- subnetpoolId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnetId:
- type: string
- required:
- - subnetId
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- networkId:
- description: ID of the OpenStack network on which to
- create the port. If unspecified, create the port on
- the default cluster network.
- type: string
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroups:
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- deviceType:
- type: string
- diskSize:
- type: integer
- sourceType:
- type: string
- sourceUUID:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - name: v1alpha5
- schema:
- openAPIV3Schema:
- description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineTemplateSpec defines the desired state of
- OpenStackMachineTemplate.
- properties:
- template:
- description: OpenStackMachineTemplateResource describes the data needed
- to create a OpenStackMachine from a template.
- properties:
- spec:
- description: Spec is the specification of the desired behavior
- of the machine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server
- instance. if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: false
- - name: v1alpha6
- schema:
- openAPIV3Schema:
- description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
- API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: OpenStackMachineTemplateSpec defines the desired state of
- OpenStackMachineTemplate.
- properties:
- template:
- description: OpenStackMachineTemplateResource describes the data needed
- to create a OpenStackMachine from a template.
- properties:
- spec:
- description: Spec is the specification of the desired behavior
- of the machine.
- properties:
- cloudName:
- description: The name of the cloud to use from the clouds
- secret
- type: string
- configDrive:
- description: Config Drive support
- type: boolean
- flavor:
- description: The flavor reference for the flavor for your
- server instance.
- type: string
- floatingIP:
- description: The floatingIP which will be associated to the
- machine, only used for master. The floatingIP should have
- been created and haven't been associated.
- type: string
- identityRef:
- description: IdentityRef is a reference to a identity to be
- used when reconciling this cluster
- properties:
- kind:
- description: Kind of the identity. Must be supported by
- the infrastructure provider and may be either cluster
- or namespace-scoped.
- minLength: 1
- type: string
- name:
- description: Name of the infrastructure identity to be
- used. Must be either a cluster-scoped resource, or namespaced-scoped
- resource the same namespace as the resource(s) being
- provisioned.
- type: string
- required:
- - kind
- - name
- type: object
- image:
- description: The name of the image to use for your server
- instance. If the RootVolume is specified, this will be ignored
- and use rootVolume directly.
- type: string
- imageUUID:
- description: The uuid of the image to use for your server
- instance. if it's empty, Image name will be used
- type: string
- instanceID:
- description: InstanceID is the OpenStack instance ID for this
- machine.
- type: string
- networks:
- description: A networks object. Required parameter when there
- are multiple networks defined for the tenant. When you do
- not specify both networks and ports parameters, the server
- attaches to the only network created for the current tenant.
- items:
- properties:
- filter:
- description: Filters for optional network query
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- fixedIP:
- description: A fixed IPv4 address for the NIC.
- type: string
- subnets:
- description: Subnet within a network to use
- items:
- properties:
- filter:
- description: Filters for optional subnet query
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- uuid:
- description: Optional UUID of the subnet. If specified
- this will not be validated prior to server creation.
- If specified, the enclosing `NetworkParam` must
- also be specified by UUID.
- type: string
- type: object
- type: array
- uuid:
- description: Optional UUID of the network. If specified
- this will not be validated prior to server creation.
- Required if `Subnets` specifies a subnet by UUID.
- type: string
- type: object
- type: array
- ports:
- description: Ports to be attached to the server instance.
- They are created if a port with the given name does not
- already exist. When you do not specify both networks and
- ports parameters, the server attaches to the only network
- created for the current tenant.
- items:
- properties:
- adminStateUp:
- type: boolean
- allowedAddressPairs:
- items:
- properties:
- ipAddress:
- type: string
- macAddress:
- type: string
- type: object
- type: array
- description:
- type: string
- disablePortSecurity:
- description: DisablePortSecurity enables or disables
- the port security when set. When not set, it takes
- the value of the corresponding field at the network
- level.
- type: boolean
- fixedIPs:
- description: Specify pairs of subnet and/or IP address.
- These should be subnets of the network with the given
- NetworkID.
- items:
- properties:
- ipAddress:
- type: string
- subnet:
- description: Subnet is an openstack subnet query
- that will return the id of a subnet to create
- the fixed IP of a port in. This query must not
- return more than one subnet.
- properties:
- cidr:
- type: string
- description:
- type: string
- gateway_ip:
- type: string
- id:
- type: string
- ipVersion:
- type: integer
- ipv6AddressMode:
- type: string
- ipv6RaMode:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- required:
- - subnet
- type: object
- type: array
- hostId:
- description: The ID of the host where the port is allocated
- type: string
- macAddress:
- type: string
- nameSuffix:
- description: Used to make the name of the port unique.
- If unspecified, instead the 0-based index of the port
- in the list is used.
- type: string
- network:
- description: Network is a query for an openstack network
- that the port will be created or discovered on. This
- will fail if the query returns more than one network.
- properties:
- description:
- type: string
- id:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- type: object
- profile:
- additionalProperties:
- type: string
- description: A dictionary that enables the application
- running on the specified host to pass and receive
- virtual network interface (VIF) port-specific information
- to the plug-in.
- type: object
- projectId:
- type: string
- securityGroupFilters:
- description: The names, uuids, filters or any combination
- these of the security groups to assign to the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups
- in openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- securityGroups:
- description: The uuids of the security groups to assign
- to the instance
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tags:
- description: Tags applied to the port (and corresponding
- trunk, if a trunk is configured.) These tags are applied
- in addition to the instance's tags, which will also
- be applied to the port.
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- tenantId:
- type: string
- trunk:
- description: Enables and disables trunk at port level.
- If not provided, openStackMachine.Spec.Trunk is inherited.
- type: boolean
- vnicType:
- description: The virtual network interface card (vNIC)
- type that is bound to the neutron port.
- type: string
- type: object
- type: array
- providerID:
- description: ProviderID is the unique identifier as specified
- by the cloud provider.
- type: string
- rootVolume:
- description: The volume metadata to boot from
- properties:
- availabilityZone:
- type: string
- diskSize:
- type: integer
- volumeType:
- type: string
- type: object
- securityGroups:
- description: The names of the security groups to assign to
- the instance
- items:
- properties:
- filter:
- description: Filters used to query security groups in
- openstack
- properties:
- description:
- type: string
- id:
- type: string
- limit:
- type: integer
- marker:
- type: string
- name:
- type: string
- notTags:
- type: string
- notTagsAny:
- type: string
- projectId:
- type: string
- sortDir:
- type: string
- sortKey:
- type: string
- tags:
- type: string
- tagsAny:
- type: string
- tenantId:
- type: string
- type: object
- name:
- description: Security Group name
- type: string
- uuid:
- description: Security Group UID
- type: string
- type: object
- type: array
- serverGroupID:
- description: The server group to assign the machine to
- type: string
- serverMetadata:
- additionalProperties:
- type: string
- description: Metadata mapping. Allows you to create a map
- of key value pairs to add to the server instance.
- type: object
- sshKeyName:
- description: The ssh key to inject in the instance
- type: string
- subnet:
- description: UUID, IP address of a port from this subnet will
- be marked as AccessIPv4 on the created compute instance
- type: string
- tags:
- description: Machine tags Requires Nova api 2.52 minimum!
- items:
- type: string
- type: array
- x-kubernetes-list-type: set
- trunk:
- description: Whether the server instance is created on a trunk
- port or not.
- type: boolean
- required:
- - flavor
- type: object
- required:
- - spec
- type: object
- required:
- - template
- type: object
- type: object
- served: true
- storage: true
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-manager
- namespace: capo-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-leader-election-role
- namespace: capo-system
-rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
-- apiGroups:
- - ""
- resources:
- - configmaps/status
- verbs:
- - get
- - update
- - patch
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
-- apiGroups:
- - coordination.k8s.io
- resources:
- - leases
- verbs:
- - get
- - list
- - watch
- - create
- - update
- - patch
- - delete
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- creationTimestamp: null
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-manager-role
-rules:
-- apiGroups:
- - ""
- resources:
- - events
- verbs:
- - create
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - ""
- resources:
- - secrets
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - clusters
- - clusters/status
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - cluster.x-k8s.io
- resources:
- - machines
- - machines/status
- verbs:
- - get
- - list
- - watch
-- apiGroups:
- - infrastructure.cluster.x-k8s.io
- resources:
- - openstackclusters
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - infrastructure.cluster.x-k8s.io
- resources:
- - openstackclusters/status
- verbs:
- - get
- - patch
- - update
-- apiGroups:
- - infrastructure.cluster.x-k8s.io
- resources:
- - openstackmachines
- verbs:
- - create
- - delete
- - get
- - list
- - patch
- - update
- - watch
-- apiGroups:
- - infrastructure.cluster.x-k8s.io
- resources:
- - openstackmachines/status
- verbs:
- - get
- - patch
- - update
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-leader-election-rolebinding
- namespace: capo-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: capo-leader-election-role
-subjects:
-- kind: ServiceAccount
- name: capo-manager
- namespace: capo-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-manager-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: capo-manager-role
-subjects:
-- kind: ServiceAccount
- name: capo-manager
- namespace: capo-system
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-webhook-service
- namespace: capo-system
-spec:
- ports:
- - port: 443
- targetPort: webhook-server
- selector:
- cluster.x-k8s.io/provider: infrastructure-openstack
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- control-plane: capo-controller-manager
- name: capo-controller-manager
- namespace: capo-system
-spec:
- replicas: 1
- selector:
- matchLabels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- control-plane: capo-controller-manager
- template:
- metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- control-plane: capo-controller-manager
- spec:
- containers:
- - args:
- - --leader-elect
- - --v=2
- - --metrics-bind-addr=127.0.0.1:8080
- command:
- - /manager
- image: gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:nightly_main_20221109
- imagePullPolicy: IfNotPresent
- livenessProbe:
- httpGet:
- path: /healthz
- port: healthz
- name: manager
- ports:
- - containerPort: 9443
- name: webhook-server
- protocol: TCP
- - containerPort: 9440
- name: healthz
- protocol: TCP
- readinessProbe:
- httpGet:
- path: /readyz
- port: healthz
- volumeMounts:
- - mountPath: /tmp/k8s-webhook-server/serving-certs
- name: cert
- readOnly: true
- serviceAccountName: capo-manager
- terminationGracePeriodSeconds: 10
- tolerations:
- - effect: NoSchedule
- key: node-role.kubernetes.io/master
- - effect: NoSchedule
- key: node-role.kubernetes.io/control-plane
- volumes:
- - name: cert
- secret:
- defaultMode: 420
- secretName: capo-webhook-service-cert
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-serving-cert
- namespace: capo-system
-spec:
- dnsNames:
- - capo-webhook-service.capo-system.svc
- - capo-webhook-service.capo-system.svc.cluster.local
- issuerRef:
- kind: Issuer
- name: capo-selfsigned-issuer
- secretName: capo-webhook-service-cert
----
-apiVersion: cert-manager.io/v1
-kind: Issuer
-metadata:
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-selfsigned-issuer
- namespace: capo-system
-spec:
- selfSigned: {}
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-mutating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackcluster
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.openstackcluster.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackclusters
- sideEffects: None
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackclustertemplate
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.openstackclustertemplate.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackclustertemplates
- sideEffects: None
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackmachine
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: default.openstackmachine.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackmachines
- sideEffects: None
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
- annotations:
- cert-manager.io/inject-ca-from: capo-system/capo-serving-cert
- labels:
- cluster.x-k8s.io/provider: infrastructure-openstack
- name: capo-validating-webhook-configuration
-webhooks:
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /validate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackcluster
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.openstackcluster.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackclusters
- sideEffects: None
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /validate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackclustertemplate
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.openstackclustertemplate.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackclustertemplates
- sideEffects: None
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /validate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackmachine
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.openstackmachine.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackmachines
- sideEffects: None
-- admissionReviewVersions:
- - v1beta1
- clientConfig:
- service:
- name: capo-webhook-service
- namespace: capo-system
- path: /validate-infrastructure-cluster-x-k8s-io-v1alpha6-openstackmachinetemplate
- failurePolicy: Fail
- matchPolicy: Equivalent
- name: validation.openstackmachinetemplate.infrastructure.cluster.x-k8s.io
- rules:
- - apiGroups:
- - infrastructure.cluster.x-k8s.io
- apiVersions:
- - v1alpha6
- operations:
- - CREATE
- - UPDATE
- resources:
- - openstackmachinetemplates
- sideEffects: None
diff --git a/atmosphere/operator/manifests/capi-rbac.yml b/atmosphere/operator/manifests/capi-rbac.yml
deleted file mode 100644
index f1f2fdc..0000000
--- a/atmosphere/operator/manifests/capi-rbac.yml
+++ /dev/null
@@ -1,62 +0,0 @@
----
-apiVersion: v1
-kind: Namespace
-metadata:
- name: magnum-system
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: magnum-cluster-api
- namespace: magnum-system
-rules:
- - apiGroups: [""]
- resources: [namespaces]
- verbs: [patch]
- - apiGroups: [""]
- resources: [configmaps, secrets]
- verbs: [create, update, patch, get, delete]
- - apiGroups: [cluster.x-k8s.io]
- resources: [clusters]
- verbs: [create, update, patch, get, delete]
- - apiGroups: [cluster.x-k8s.io]
- resources: [clusterclasses]
- verbs: [create, update, patch]
- - apiGroups: [cluster.x-k8s.io]
- resources: [machinedeployments]
- verbs: [list]
- - apiGroups: [bootstrap.cluster.x-k8s.io]
- resources: [kubeadmconfigtemplates]
- verbs: [create, update, patch]
- - apiGroups: [controlplane.cluster.x-k8s.io]
- resources: [kubeadmcontrolplanes]
- verbs: [list]
- - apiGroups: [controlplane.cluster.x-k8s.io]
- resources: [kubeadmcontrolplanetemplates]
- verbs: [create, update, patch]
- - apiGroups: [infrastructure.cluster.x-k8s.io]
- resources: [openstackclustertemplates, openstackmachinetemplates]
- verbs: [create, update, patch]
- - apiGroups: [addons.cluster.x-k8s.io]
- resources: [clusterresourcesets]
- verbs: [create, update, patch, delete]
- - apiGroups: [source.toolkit.fluxcd.io]
- resources: [helmrepositories]
- verbs: [create, update, patch]
- - apiGroups: [helm.toolkit.fluxcd.io]
- resources: [helmreleases]
- verbs: [delete]
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: magnum-cluster-api
- namespace: magnum-system
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: magnum-cluster-api
-subjects:
- - kind: ServiceAccount
- name: magnum-conductor
- namespace: openstack
diff --git a/atmosphere/operator/tasks.py b/atmosphere/operator/tasks.py
deleted file mode 100644
index 2c46dd0..0000000
--- a/atmosphere/operator/tasks.py
+++ /dev/null
@@ -1,42 +0,0 @@
-import glob
-import os
-import subprocess
-
-import pkg_resources
-from taskflow import task
-
-from atmosphere.operator import constants, utils
-
-
-class InstallClusterApiTask(task.Task):
- def execute(self, spec: dict):
- cluster_api_images = [
- i for i in constants.IMAGE_LIST if i.startswith("cluster_api")
- ]
-
- # TODO(mnaser): Move CAPI and CAPO to run on control plane
- manifests_path = pkg_resources.resource_filename(__name__, "manifests")
- manifest_files = glob.glob(os.path.join(manifests_path, "capi-*.yml"))
-
- for manifest in manifest_files:
- with open(manifest) as fd:
- data = fd.read()
-
- # NOTE(mnaser): Replace all the images for Cluster API
- for image in cluster_api_images:
- data = data.replace(
- utils.get_image_ref(image).string(),
- utils.get_image_ref(
- image, override_registry=spec["imageRepository"]
- ).string(),
- )
-
- subprocess.run(
- "kubectl apply -f -",
- shell=True,
- check=True,
- input=data,
- text=True,
- stdout=subprocess.DEVNULL,
- stderr=subprocess.DEVNULL,
- )
diff --git a/roles/cluster_api/README.md b/roles/cluster_api/README.md
deleted file mode 100644
index a3d22cd..0000000
--- a/roles/cluster_api/README.md
+++ /dev/null
@@ -1 +0,0 @@
-# `cluster-api`
diff --git a/roles/cluster_api/meta/main.yml b/roles/cluster_api/meta/main.yml
deleted file mode 100644
index d82cd11..0000000
--- a/roles/cluster_api/meta/main.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-galaxy_info:
- author: VEXXHOST, Inc.
- description: Ansible role for Cluster API
- license: Apache-2.0
- min_ansible_version: 5.5.0
- standalone: false
- platforms:
- - name: Ubuntu
- versions:
- - focal
-
-dependencies:
- - role: defaults
diff --git a/roles/cluster_api/tasks/main.yml b/roles/cluster_api/tasks/main.yml
deleted file mode 100644
index d56ada6..0000000
--- a/roles/cluster_api/tasks/main.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright (c) 2022 VEXXHOST, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-- name: Deploy resources
- kubernetes.core.k8s:
- kubeconfig: /etc/kubernetes/admin.conf
- state: present
- template:
- - path: 'templates/capi-bootstrap.yml'
- - path: 'templates/capi-control-plane.yml'
- - path: 'templates/capi-core.yml'
- - path: 'templates/capi-provider.yml'
- - path: 'templates/capi-rbac.yml'
- run_once: true
diff --git a/roles/openstack_helm_magnum/tasks/main.yml b/roles/openstack_helm_magnum/tasks/main.yml
index 587d375..140b15b 100644
--- a/roles/openstack_helm_magnum/tasks/main.yml
+++ b/roles/openstack_helm_magnum/tasks/main.yml
@@ -37,6 +37,18 @@
name: "{{ openstack_helm_magnum_helm_release_name }}"
namespace: "{{ openstack_helm_magnum_helm_release_namespace }}"
+- name: Deploy cluster api
+ kubernetes.core.k8s:
+ kubeconfig: /etc/kubernetes/admin.conf
+ state: present
+ template:
+ - path: 'templates/capi-bootstrap.yml.j2'
+ - path: 'templates/capi-control-plane.yml.j2'
+ - path: 'templates/capi-core.yml.j2'
+ - path: 'templates/capi-provider.yml.j2'
+ - path: 'templates/capi-rbac.yml.j2'
+ run_once: true
+
- name: Deploy Helm chart
run_once: true
kubernetes.core.helm:
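Review bot: The added `Deploy cluster api` task applies five templates through `/etc/kubernetes/admin.conf`, and nothing visible here shows where their container images are resolved. The removed `InstallClusterApiTask` rewrote every `cluster_api*` image reference to the `imageRepository` override before applying, whereas these templates are renamed at 100% similarity, so whatever image lines they hold are unchanged by this commit. Their contents are not shown; if they carry literal references like the deleted operator manifest did (`gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:nightly_main_20221109` with `imagePullPolicy: IfNotPresent`), a deployment that mirrors images would pull from the upstream registries instead, and a staging nightly tag can be re-pushed. I would confirm that the `.j2` templates render each image from the role's image configuration, or pin it by digest in the form `image: <registry>/<repository>@sha256:<digest>`.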
@@ -56,7 +68,7 @@
openstack_helm_ingress_service_port: 9511
openstack_helm_ingress_annotations: "{{ openstack_helm_magnum_ingress_annotations }}"
-- name: Deploy Helm chart
+- name: Deploy magnum registry
kubernetes.core.k8s:
state: present
definition:
@@ -358,15 +370,6 @@
nodeSelector:
openstack-control-plane: enabled
-- name: Create Ingress
- ansible.builtin.include_role:
- name: openstack_helm_ingress
- vars:
- openstack_helm_ingress_endpoint: container_infra
- openstack_helm_ingress_service_name: magnum-api
- openstack_helm_ingress_service_port: 9511
- openstack_helm_ingress_annotations: "{{ openstack_helm_magnum_ingress_annotations }}"
-
- name: Create magnum registry Ingress
ansible.builtin.include_role:
name: openstack_helm_ingress
diff --git a/roles/cluster_api/templates/capi-bootstrap.yml b/roles/openstack_helm_magnum/templates/capi-bootstrap.yml.j2
similarity index 100%
rename from roles/cluster_api/templates/capi-bootstrap.yml
rename to roles/openstack_helm_magnum/templates/capi-bootstrap.yml.j2
diff --git a/roles/cluster_api/templates/capi-control-plane.yml b/roles/openstack_helm_magnum/templates/capi-control-plane.yml.j2
similarity index 100%
rename from roles/cluster_api/templates/capi-control-plane.yml
rename to roles/openstack_helm_magnum/templates/capi-control-plane.yml.j2
diff --git a/roles/cluster_api/templates/capi-core.yml b/roles/openstack_helm_magnum/templates/capi-core.yml.j2
similarity index 100%
rename from roles/cluster_api/templates/capi-core.yml
rename to roles/openstack_helm_magnum/templates/capi-core.yml.j2
diff --git a/roles/cluster_api/templates/capi-provider.yml b/roles/openstack_helm_magnum/templates/capi-provider.yml.j2
similarity index 100%
rename from roles/cluster_api/templates/capi-provider.yml
rename to roles/openstack_helm_magnum/templates/capi-provider.yml.j2
diff --git a/roles/cluster_api/templates/capi-rbac.yml b/roles/openstack_helm_magnum/templates/capi-rbac.yml.j2
similarity index 100%
rename from roles/cluster_api/templates/capi-rbac.yml
rename to roles/openstack_helm_magnum/templates/capi-rbac.yml.j2