diff --git a/bootstrap/create.sh b/bootstrap/create.sh
index d848fe2..c038d30 100755
--- a/bootstrap/create.sh
+++ b/bootstrap/create.sh
@@ -8,12 +8,22 @@ export HCLOUD_TOKEN_CCM="$(cat /Users/adam/.hetzner/cloud/projects/cloudlab-prod
 export HCLOUD_TOKEN_CAPH="$(cat /Users/adam/.hetzner/cloud/projects/cloudlab-prod/tokens/capi)"
 
 clusterctl_init() {
- clusterctl init \
- --core cluster-api \
- --bootstrap talos \
- --control-plane talos \
- --infrastructure hetzner \
- --wait-providers
+ apply_manifests_at manifests/prod/addons/cert-manager
+ kubectl wait --for=condition=Available --timeout=10m -n cert-manager deployment.apps/cert-manager
+ kubectl wait --for=condition=Available --timeout=10m -n cert-manager deployment.apps/cert-manager-cainjector
+ kubectl wait --for=condition=Available --timeout=10m -n cert-manager deployment.apps/cert-manager-webhook
+ # we apply twice to overcome a race condition between custom resources and their definitions
+ apply_manifests_at manifests/prod/addons/cert-manager
+
+ apply_manifests_at manifests/prod/addons/capi-system
+ apply_manifests_at manifests/prod/addons/cabpt-system
+ apply_manifests_at manifests/prod/addons/cacppt-system
+ apply_manifests_at manifests/prod/addons/caph-system
+ kubectl wait --for=condition=Available --timeout=10m -n capi-system deployment.apps/capi-controller-manager
+ kubectl wait --for=condition=Available --timeout=10m -n cabpt-system deployment.apps/cabpt-controller-manager
+ kubectl wait --for=condition=Available --timeout=10m -n cacppt-system deployment.apps/cacppt-controller-manager
+ kubectl wait --for=condition=Available --timeout=10m -n caph-system deployment.apps/caph-controller-manager
+
 }
 
 write_capi_secret() {
diff --git a/bootstrap/destroy.sh b/bootstrap/destroy.sh
index f097602..5e6e0e7 100755
--- a/bootstrap/destroy.sh
+++ b/bootstrap/destroy.sh
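Review bot: The first `apply_manifests_at manifests/prod/addons/cert-manager` in `clusterctl_init` is, per the comment a few lines further down, expected to hit the race between custom resources and their definitions, yet nothing in the hunk shows how its failure is handled. `apply_manifests_at` and the script's shell options are outside the hunk, so this is inferred: under errexit a rejected custom resource on the first pass would abort the bootstrap before the retry, and without errexit a failed second apply or a timed-out `kubectl wait` would go unnoticed and the provider manifests would be applied against a cert-manager that is not ready. I would make the intent explicit with `apply_manifests_at manifests/prod/addons/cert-manager || true  # first pass: CRs may be rejected until the CRDs are established`, and let the second apply and every `kubectl wait` fail the script. Moving the existing comment above the first apply would also make the sequence easier to read.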
@@ -17,3 +17,6 @@ ips=$(hcloud floating-ip list | awk '{print $2 }' | awk 'NR > 1')
 for ip in $ips; do
 hcloud floating-ip delete $ip
 done
+
+# delete load balancer
+hcloud load-balancer list | awk '{print $2 }' | awk 'NR > 1' | xargs -I {} hcloud load-balancer delete {}
diff --git a/manifests/prod/addons/cabpt-system/gen-yaml.sh b/manifests/prod/addons/cabpt-system/gen-yaml.sh
new file mode 100755
index 0000000..a8112ec
--- /dev/null
+++ b/manifests/prod/addons/cabpt-system/gen-yaml.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+clusterctl generate provider --bootstrap talos:v0.6.2 > resources/provider.yaml
diff --git a/manifests/prod/addons/cabpt-system/kustomization.yaml b/manifests/prod/addons/cabpt-system/kustomization.yaml
new file mode 100644
index 0000000..fd6c3c5
--- /dev/null
+++ b/manifests/prod/addons/cabpt-system/kustomization.yaml
@@ -0,0 +1,17 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - resources/provider.yaml
+
+patches:
+ - target:
+ kind: Deployment
+ name: cabpt-controller-manager
+ patch: |-
+ spec:
+ template:
+ spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
diff --git a/manifests/prod/addons/cabpt-system/resources/provider.yaml b/manifests/prod/addons/cabpt-system/resources/provider.yaml
new file mode 100644
index 0000000..3bee3be
--- /dev/null
+++ b/manifests/prod/addons/cabpt-system/resources/provider.yaml
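Review bot: The added pipeline deletes every load balancer that `hcloud load-balancer list` returns for the active context, and it chooses its argument by scraping column 2 of the human-readable table. Nothing in the hunk scopes the deletion to this cluster, so running destroy.sh with the wrong context or token active would remove unrelated load balancers; a label selector on the list call (`-l <cluster-label-placeholder>`) would bound that. For the parsing, the CLI's machine-oriented output is sturdier than two `awk` passes: `hcloud load-balancer list -o noheader -o columns=id | xargs -I {} hcloud load-balancer delete {}`. The floating-ip loop in the context lines above follows the same list-and-delete-all pattern.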
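Review bot: The redirect `> resources/provider.yaml` truncates the committed manifest before `clusterctl generate provider` has produced any output, so a failed or interrupted fetch leaves an empty or partial file in the tree; errexit stops the script but does not restore the file. Writing to a temporary file and renaming only on success avoids that: `tmp="$(mktemp)"`, then `clusterctl generate provider --bootstrap talos:v0.6.2 > "$tmp"`, then `mv "$tmp" resources/provider.yaml`. Because the output is fetched at generation time and then applied with cluster-wide RBAC, a header comment asking for the provider.yaml diff to be reviewed on every regeneration would be worth adding. The cacppt-system gen-yaml.sh added later in this commit has the same redirect.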
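Review bot: This kustomization only adds a toleration, so the image reference in the generated manifest passes through unchanged: `ghcr.io/siderolabs/cluster-api-talos-controller:v0.6.2` with `imagePullPolicy: Always`. That Deployment runs as the namespace's `default` ServiceAccount, which provider.yaml binds to `cabpt-manager-role` with create/delete/get/list/patch/update/watch on Secrets cluster-wide, so whatever the tag resolves to at pull time receives that access. Pinning by digest here keeps the reviewed YAML and the running image tied together, for example an `images:` entry with `name: ghcr.io/siderolabs/cluster-api-talos-controller` and `digest: sha256:<digest-of-the-verified-v0.6.2-image>`. The cacppt-system kustomization added later in the commit has the same shape and presumably the same gap, although its Deployment is not visible here.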
@@ -0,0 +1,796 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: cabpt-system/cabpt-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1alpha4: v1alpha3 + cluster.x-k8s.io/v1beta1: v1alpha3 + clusterctl.cluster.x-k8s.io: "" + name: talosconfigs.bootstrap.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: cabpt-webhook-service + namespace: cabpt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: bootstrap.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TalosConfig + listKind: TalosConfigList + plural: talosconfigs + singular: talosconfig + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: TalosConfig is the Schema for the talosconfigs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TalosConfigSpec defines the desired state of TalosConfig + properties: + data: + type: string + generateType: + type: string + required: + - generateType + type: object + status: + description: TalosConfigStatus defines the observed state of TalosConfig + properties: + bootstrapData: + description: BootstrapData will be a slice of bootstrap data + format: byte + type: string + errorMessage: + description: ErrorMessage will be set on non-retryable errors + type: string + errorReason: + description: ErrorReason will be set on non-retryable errors + type: string + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed + type: boolean + talosConfig: + description: Talos config will be a string containing the config for + download + type: string + type: object + type: object + served: true + storage: false + subresources: + status: {} + - name: v1alpha3 + schema: + openAPIV3Schema: + description: TalosConfig is the Schema for the talosconfigs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TalosConfigSpec defines the desired state of TalosConfig + properties: + configPatches: + items: + properties: + op: + type: string + path: + type: string + value: + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + data: + type: string + generateType: + type: string + hostname: + description: Set hostname in the machine configuration to some value. + properties: + source: + description: "Source of the hostname. \n Allowed values: \"MachineName\" + (use linked Machine's Name)." + type: string + type: object + talosVersion: + type: string + required: + - generateType + type: object + status: + description: TalosConfigStatus defines the observed state of TalosConfig + properties: + conditions: + description: Conditions defines current service state of the TalosConfig. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. 
The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. + type: string + failureMessage: + description: FailureMessage will be set on non-retryable errors + type: string + failureReason: + description: FailureReason will be set on non-retryable errors + type: string + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready indicates the BootstrapData field is ready to be + consumed + type: boolean + talosConfig: + description: "Talos config will be a string containing the config + for download. \n Deprecated: please use `-talosconfig` + secret." 
+ type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: cabpt-system/cabpt-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1alpha4: v1alpha3 + cluster.x-k8s.io/v1beta1: v1alpha3 + clusterctl.cluster.x-k8s.io: "" + name: talosconfigtemplates.bootstrap.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: cabpt-webhook-service + namespace: cabpt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: bootstrap.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TalosConfigTemplate + listKind: TalosConfigTemplateList + plural: talosconfigtemplates + singular: talosconfigtemplate + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: TalosConfigTemplate is the Schema for the talosconfigtemplates + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TalosConfigTemplateSpec defines the desired state of TalosConfigTemplate + properties: + template: + description: TalosConfigTemplateResource defines the Template structure + properties: + spec: + description: TalosConfigSpec defines the desired state of TalosConfig + properties: + data: + type: string + generateType: + type: string + required: + - generateType + type: object + type: object + required: + - template + type: object + type: object + served: true + storage: false + - name: v1alpha3 + schema: + openAPIV3Schema: + description: TalosConfigTemplate is the Schema for the talosconfigtemplates + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TalosConfigTemplateSpec defines the desired state of TalosConfigTemplate + properties: + template: + description: TalosConfigTemplateResource defines the Template structure + properties: + spec: + description: TalosConfigSpec defines the desired state of TalosConfig + properties: + configPatches: + items: + properties: + op: + type: string + path: + type: string + value: + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + data: + type: string + generateType: + type: string + hostname: + description: Set hostname in the machine configuration to + some value. + properties: + source: + description: "Source of the hostname. \n Allowed values: + \"MachineName\" (use linked Machine's Name)." + type: string + type: object + talosVersion: + type: string + required: + - generateType + type: object + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-leader-election-role + namespace: cabpt-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + 
cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-manager-role +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - bootstrap.cluster.x-k8s.io + resources: + - talosconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - bootstrap.cluster.x-k8s.io + resources: + - talosconfigs/status + verbs: + - get + - patch + - update +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + - machines + - machines/status + verbs: + - get + - list + - watch +- apiGroups: + - exp.cluster.x-k8s.io + resources: + - machinepools + - machinepools/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-talosconfig-editor-role +rules: +- apiGroups: + - bootstrap.cluster.x-k8s.io + resources: + - talosconfigs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - bootstrap.cluster.x-k8s.io + resources: + - talosconfigs/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-leader-election-rolebinding + namespace: cabpt-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: 
cabpt-leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: cabpt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cabpt-manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: cabpt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cabpt-proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: cabpt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-talosconfig-editor-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cabpt-talosconfig-editor-role +subjects: +- kind: ServiceAccount + name: default + namespace: cabpt-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: cabpt-controller-manager-metrics-service + namespace: cabpt-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + cluster.x-k8s.io/provider: bootstrap-talos + control-plane: controller-manager +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-webhook-service + namespace: cabpt-system +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + 
cluster.x-k8s.io/provider: bootstrap-talos + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: cabpt-controller-manager + namespace: cabpt-system +spec: + replicas: 1 + selector: + matchLabels: + cluster.x-k8s.io/provider: bootstrap-talos + control-plane: controller-manager + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + control-plane: controller-manager + spec: + containers: + - args: + - --metrics-bind-addr=127.0.0.1:8080 + - --enable-leader-election + - --feature-gates=MachinePool=false + command: + - /manager + image: ghcr.io/siderolabs/cluster-api-talos-controller:v0.6.2 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: + limits: + cpu: 500m + memory: 500Mi + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: cabpt-webhook-service-cert +status: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-serving-cert + namespace: cabpt-system +spec: + dnsNames: + - cabpt-webhook-service.cabpt-system.svc + - cabpt-webhook-service.cabpt-system.svc.cluster.local + issuerRef: + kind: Issuer + name: cabpt-selfsigned-issuer + secretName: cabpt-webhook-service-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + 
cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-selfsigned-issuer + namespace: cabpt-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: cabpt-system/cabpt-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: bootstrap-talos + clusterctl.cluster.x-k8s.io: "" + name: cabpt-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cabpt-webhook-service + namespace: cabpt-system + path: /validate-bootstrap-cluster-x-k8s-io-v1alpha3-talosconfig + failurePolicy: Fail + name: vtalosconfig.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - v1alpha3 + operations: + - CREATE + - UPDATE + resources: + - talosconfigs + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cabpt-webhook-service + namespace: cabpt-system + path: /validate-bootstrap-cluster-x-k8s-io-v1alpha3-talosconfigtemplate + failurePolicy: Fail + name: vtalosconfigtemplate.cluster.x-k8s.io + rules: + - apiGroups: + - bootstrap.cluster.x-k8s.io + apiVersions: + - v1alpha3 + operations: + - UPDATE + resources: + - talosconfigtemplates + sideEffects: None diff --git a/manifests/prod/addons/cacppt-system/gen-yaml.sh b/manifests/prod/addons/cacppt-system/gen-yaml.sh new file mode 100755 index 0000000..7473956 --- /dev/null +++ b/manifests/prod/addons/cacppt-system/gen-yaml.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +cd "$(dirname "${BASH_SOURCE[0]}")" + +clusterctl generate provider --control-plane talos:v0.5.3 > resources/provider.yaml diff --git a/manifests/prod/addons/cacppt-system/kustomization.yaml b/manifests/prod/addons/cacppt-system/kustomization.yaml new file mode 100644 index 0000000..6240b56 --- /dev/null 
+++ b/manifests/prod/addons/cacppt-system/kustomization.yaml
@@ -0,0 +1,17 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - resources/provider.yaml
+
+patches:
+ - target:
+ kind: Deployment
+ name: cacppt-controller-manager
+ patch: |-
+ spec:
+ template:
+ spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
diff --git a/manifests/prod/addons/cacppt-system/resources/provider.yaml b/manifests/prod/addons/cacppt-system/resources/provider.yaml
new file mode 100644
index 0000000..fe54ae3
--- /dev/null
+++ b/manifests/prod/addons/cacppt-system/resources/provider.yaml
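Review bot: The toleration in the patch uses the key `node-role.kubernetes.io/master`, which newer Kubernetes and Talos releases no longer place on control-plane nodes; they taint with `node-role.kubernetes.io/control-plane` instead. Which taint this cluster's nodes carry is not visible in the commit, so this is a check rather than a certain defect: if only the newer taint is present, `cacppt-controller-manager` stays Pending and the matching `kubectl wait` in create.sh runs into its 10m timeout. Tolerating both keys covers either case, i.e. adding `- key: node-role.kubernetes.io/control-plane` with `effect: NoSchedule` next to the existing entry. The cabpt-system kustomization earlier in the commit carries the identical patch.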
@@ -0,0 +1,788 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: cacppt-system/cacppt-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + cluster.x-k8s.io/v1alpha3: v1alpha3 + cluster.x-k8s.io/v1alpha4: v1alpha3 + cluster.x-k8s.io/v1beta1: v1alpha3 + clusterctl.cluster.x-k8s.io: "" + name: taloscontrolplanes.controlplane.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: webhook-service + namespace: cacppt-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: controlplane.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: TalosControlPlane + listKind: TalosControlPlaneList + plural: taloscontrolplanes + shortNames: + - tcp + singular: taloscontrolplane + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: TalosControlPlane API Server is ready to receive requests + jsonPath: .status.ready + name: Ready + type: boolean + - description: This denotes whether or not the control plane has the uploaded + talos-config configmap + jsonPath: .status.initialized + name: Initialized + type: boolean + - description: Total number of non-terminated machines targeted by this control + plane + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of fully running and ready control plane machines + jsonPath: .status.readyReplicas + name: Ready Replicas + type: integer + - description: Total number of unavailable machines targeted by this control plane + jsonPath: .status.unavailableReplicas + name: Unavailable Replicas + type: integer + name: v1alpha3 + schema: + openAPIV3Schema: 
+ description: TalosControlPlane is the Schema for the taloscontrolplanes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TalosControlPlaneSpec defines the desired state of TalosControlPlane + properties: + controlPlaneConfig: + description: ControlPlaneConfig is a two TalosConfigSpecs to use for + initializing and joining machines to the control plane. + properties: + controlplane: + description: TalosConfigSpec defines the desired state of TalosConfig + properties: + configPatches: + items: + properties: + op: + type: string + path: + type: string + value: + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + data: + type: string + generateType: + type: string + hostname: + description: Set hostname in the machine configuration to + some value. + properties: + source: + description: "Source of the hostname. \n Allowed values: + \"MachineName\" (use linked Machine's Name)." + type: string + type: object + talosVersion: + type: string + required: + - generateType + type: object + init: + description: 'Deprecated: starting from cacppt v0.4.0 provider + doesn''t use init configs.' 
+ properties: + configPatches: + items: + properties: + op: + type: string + path: + type: string + value: + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + data: + type: string + generateType: + type: string + hostname: + description: Set hostname in the machine configuration to + some value. + properties: + source: + description: "Source of the hostname. \n Allowed values: + \"MachineName\" (use linked Machine's Name)." + type: string + type: object + talosVersion: + type: string + required: + - generateType + type: object + required: + - controlplane + type: object + infrastructureTemplate: + description: InfrastructureTemplate is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + replicas: + description: Number of desired machines. Defaults to 1. When stacked + etcd is used only odd numbers are permitted, as per [etcd best practice](https://etcd.io/docs/v3.3.12/faq/#why-an-odd-number-of-cluster-members). + This is a pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + rolloutStrategy: + default: + rollingUpdate: + maxSurge: 1 + type: RollingUpdate + description: The RolloutStrategy to use to replace control plane machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if RolloutStrategyType + = RollingUpdate. + properties: + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of control planes that can + be scheduled above or under the desired number of control + planes. Value can be an absolute number 1 or 0. Defaults + to 1. Example: when this is set to 1, the control plane + can be scaled up immediately when the rolling update starts.' + x-kubernetes-int-or-string: true + type: object + type: + description: "Change rollout strategy. \n Supported strategies: + * \"RollingUpdate\". * \"OnDelete\" \n Default is RollingUpdate." + type: string + type: object + version: + description: Version defines the desired Kubernetes version. 
+ minLength: 2 + pattern: ^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)([-0-9a-zA-Z_\.+]*)?$ + type: string + required: + - controlPlaneConfig + - infrastructureTemplate + - version + type: object + status: + description: TalosControlPlaneStatus defines the observed state of TalosControlPlane + properties: + bootstrapped: + description: Bootstrapped denotes whether any nodes received bootstrap + request which is required to start etcd and Kubernetes components + in Talos. + type: boolean + conditions: + description: Conditions defines current service state of the KubeadmControlPlane. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: ErrorMessage indicates that there is a terminal problem + reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a terminal problem + reconciling the state, and will be set to a token value suitable + for programmatic interpretation. + type: string + initialized: + description: Initialized denotes whether or not the control plane + has the uploaded talos-config configmap. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + ready: + description: Ready denotes that the TalosControlPlane API Server is + ready to receive requests. + type: boolean + readyReplicas: + description: Total number of fully running and ready control plane + machines. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + control plane (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the label selector in string format to avoid + introspection by clients, and is used to provide the CRD-based integration + for the scale subresource and additional integrations for things + like kubectl describe.. The string will be in the same format as + the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + control plane. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet ready or machines + that still have not been created. 
+ format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-leader-election-role + namespace: cacppt-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-manager-role + namespace: cacppt-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - get + - list + - watch +- apiGroups: + - rbac + resources: + - rolebindings + verbs: + - create + - get + - list + - watch +- apiGroups: + - rbac + resources: + - roles + verbs: + - create + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-manager-role +rules: +- apiGroups: + - bootstrap.cluster.x-k8s.io + - controlplane.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - 
clusters/status + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-leader-election-rolebinding + namespace: cacppt-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cacppt-leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: cacppt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cacppt-manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: cacppt-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: 
ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cacppt-proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: cacppt-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: cacppt-controller-manager-metrics-service + namespace: cacppt-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + cluster.x-k8s.io/provider: control-plane-talos + control-plane: controller-manager +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-webhook-service + namespace: cacppt-system +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + cluster.x-k8s.io/provider: control-plane-talos + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: cacppt-controller-manager + namespace: cacppt-system +spec: + replicas: 1 + selector: + matchLabels: + cluster.x-k8s.io/provider: control-plane-talos + control-plane: controller-manager + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + control-plane: controller-manager + spec: + containers: + - args: + - --metrics-bind-addr=127.0.0.1:8080 + - --enable-leader-election + command: + - /manager + image: ghcr.io/siderolabs/cluster-api-control-plane-talos-controller:v0.5.3 + imagePullPolicy: Always + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + 
resources: + limits: + cpu: "1" + memory: 500Mi + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: cacppt-webhook-service-cert +status: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-serving-cert + namespace: cacppt-system +spec: + dnsNames: + - cacppt-webhook-service.cacppt-system.svc + - cacppt-webhook-service.cacppt-system.svc.cluster.local + issuerRef: + kind: Issuer + name: cacppt-selfsigned-issuer + secretName: cacppt-webhook-service-cert +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-selfsigned-issuer + namespace: cacppt-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: cacppt-system/cacppt-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: cacppt-webhook-service + namespace: cacppt-system + path: /mutate-controlplane-cluster-x-k8s-io-v1alpha3-taloscontrolplane + failurePolicy: Fail + matchPolicy: Equivalent + name: default.taloscontrolplane.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1alpha3 + operations: + - CREATE + - UPDATE + resources: + - taloscontrolplanes + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + 
cert-manager.io/inject-ca-from: cacppt-system/cacppt-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: control-plane-talos + clusterctl.cluster.x-k8s.io: "" + name: cacppt-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: cacppt-webhook-service + namespace: cacppt-system + path: /validate-controlplane-cluster-x-k8s-io-v1alpha3-taloscontrolplane + failurePolicy: Fail + name: validate.taloscontrolplane.controlplane.cluster.x-k8s.io + rules: + - apiGroups: + - controlplane.cluster.x-k8s.io + apiVersions: + - v1alpha3 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - taloscontrolplanes + sideEffects: None diff --git a/manifests/prod/addons/caph-system/gen-yaml.sh b/manifests/prod/addons/caph-system/gen-yaml.sh new file mode 100755 index 0000000..cad6e67 --- /dev/null +++ b/manifests/prod/addons/caph-system/gen-yaml.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +cd "$(dirname "${BASH_SOURCE[0]}")" + +clusterctl generate provider --infrastructure hetzner:v1.0.0-beta.26 > resources/provider.yaml diff --git a/manifests/prod/addons/caph-system/kustomization.yaml b/manifests/prod/addons/caph-system/kustomization.yaml new file mode 100644 index 0000000..f1af081 --- /dev/null +++ b/manifests/prod/addons/caph-system/kustomization.yaml @@ -0,0 +1,17 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - resources/provider.yaml + +patches: + - target: + kind: Deployment + name: caph-controller-manager + patch: |- + spec: + template: + spec: + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule diff --git a/manifests/prod/addons/caph-system/resources/provider.yaml b/manifests/prod/addons/caph-system/resources/provider.yaml new file mode 100644 index 0000000..9f69870 --- /dev/null +++ b/manifests/prod/addons/caph-system/resources/provider.yaml 
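Review bot: The last line of caph-system/gen-yaml.sh redirects clusterctl straight into `resources/provider.yaml`, so the shell truncates the committed manifest before clusterctl has produced anything. With `errexit` the script stops on a failed run, but the file is left empty or partial in the working tree. Writing to a scratch file and renaming only on success avoids that: `clusterctl generate provider --infrastructure hetzner:v1.0.0-beta.26 > resources/provider.yaml.tmp` followed by `mv -- resources/provider.yaml.tmp resources/provider.yaml`. The cabpt-system/gen-yaml.sh added earlier in this commit has the same line. The version is pinned by tag, but the script does not verify what it receives, so a header comment should say that the regenerated diff (RBAC rules, webhook configurations, image references) has to be reviewed before it is committed.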
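Review bot: The patch in caph-system/kustomization.yaml tolerates only the legacy `node-role.kubernetes.io/master` taint, while current Kubernetes releases taint control-plane nodes with `node-role.kubernetes.io/control-plane`. On such a cluster caph-controller-manager would presumably not be schedulable on control-plane nodes. Adding a second entry, `- key: node-role.kubernetes.io/control-plane` with `effect: NoSchedule`, covers both. Separately, `tolerations` has no merge key in a strategic-merge patch, so this list replaces whatever the generated Deployment already declares. That Deployment is not visible in this part of the diff, so it is worth confirming that nothing is dropped. A one-line comment above `patches:` saying why the controller must be able to run on control-plane nodes would document the intent.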
@@ -0,0 +1,4224 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: caph-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hcloudmachines.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HCloudMachine + listKind: HCloudMachineList + plural: hcloudmachines + shortNames: + - capihcm + singular: hcloudmachine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster to which this HCloudMachine belongs + jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name + name: Cluster + type: string + - description: Machine object which owns with this HCloudMachine + jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name + name: Machine + type: string + - description: Phase of HCloudMachine + jsonPath: .status.instanceState + name: Phase + type: string + - description: Time duration since creation of hcloudmachine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HCloudMachine is the Schema for the hcloudmachines API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HCloudMachineSpec defines the desired state of HCloudMachine. + properties: + imageName: + description: ImageName is the reference to the Machine Image from + which to create the machine instance. + minLength: 1 + type: string + placementGroupName: + type: string + providerID: + description: ProviderID is the unique identifier as specified by the + cloud provider. + type: string + publicNetwork: + description: PublicNetwork specifies information for public networks + properties: + enableIPv4: + default: true + type: boolean + enableIPv6: + default: true + type: boolean + type: object + sshKeys: + description: define Machine specific SSH keys, overrides cluster wide + SSH keys + items: + description: SSHKey defines the SSHKey for HCloud. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + type: array + type: + description: Type is the HCloud Machine Type for this machine. 
+ enum: + - cpx11 + - cx21 + - cpx21 + - cx31 + - cpx31 + - cx41 + - cpx41 + - cx51 + - cpx51 + - ccx11 + - ccx12 + - ccx13 + - ccx21 + - ccx22 + - ccx23 + - ccx31 + - ccx32 + - ccx33 + - ccx41 + - ccx42 + - ccx43 + - ccx51 + - ccx52 + - ccx53 + - ccx62 + - ccx63 + - cax11 + - cax21 + - cax31 + - cax41 + type: string + required: + - imageName + - type + type: object + status: + description: HCloudMachineStatus defines the observed state of HCloudMachine. + properties: + addresses: + description: Addresses contains the server's associated addresses. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines current service state of the HCloudMachine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. 
The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. + type: string + failureReason: + description: FailureReason will be set in the event that there is + a terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. + type: string + instanceState: + description: InstanceState is the state of the server for this machine. + type: string + ready: + description: Ready is true when the provider resource is ready. + type: boolean + region: + description: Region contains the name of the HCloud location the server + is running. 
+ enum: + - fsn1 + - hel1 + - nbg1 + - ash + - hil + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hcloudmachinetemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HCloudMachineTemplate + listKind: HCloudMachineTemplateList + plural: hcloudmachinetemplates + shortNames: + - capihcmt + singular: hcloudmachinetemplate + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Image name + jsonPath: .spec.template.spec.imageName + name: Image + type: string + - description: Placement group name + jsonPath: .spec.template.spec.placementGroupName + name: Placement group + type: string + - description: Server type + jsonPath: .spec.template.spec.type + name: Type + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HCloudMachineTemplate is the Schema for the hcloudmachinetemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. 
Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HCloudMachineTemplateSpec defines the desired state of HCloudMachineTemplate. + properties: + template: + description: HCloudMachineTemplateResource describes the data needed + to create am HCloudMachine from a template. + properties: + metadata: + description: Standard object's metadata. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec is the specification of the desired behavior + of the machine. + properties: + imageName: + description: ImageName is the reference to the Machine Image + from which to create the machine instance. 
+ minLength: 1 + type: string + placementGroupName: + type: string + providerID: + description: ProviderID is the unique identifier as specified + by the cloud provider. + type: string + publicNetwork: + description: PublicNetwork specifies information for public + networks + properties: + enableIPv4: + default: true + type: boolean + enableIPv6: + default: true + type: boolean + type: object + sshKeys: + description: define Machine specific SSH keys, overrides cluster + wide SSH keys + items: + description: SSHKey defines the SSHKey for HCloud. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + type: array + type: + description: Type is the HCloud Machine Type for this machine. + enum: + - cpx11 + - cx21 + - cpx21 + - cx31 + - cpx31 + - cx41 + - cpx41 + - cx51 + - cpx51 + - ccx11 + - ccx12 + - ccx13 + - ccx21 + - ccx22 + - ccx23 + - ccx31 + - ccx32 + - ccx33 + - ccx41 + - ccx42 + - ccx43 + - ccx51 + - ccx52 + - ccx53 + - ccx62 + - ccx63 + - cax11 + - cax21 + - cax31 + - cax41 + type: string + required: + - imageName + - type + type: object + required: + - spec + type: object + required: + - template + type: object + status: + description: HCloudMachineTemplateStatus defines the observed state of + HCloudMachineTemplate. + properties: + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Capacity defines the resource capacity for this machine. 
+ This value is used for autoscaling from zero operations as defined + in: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210310-opt-in-autoscaling-from-zero.md' + type: object + conditions: + description: Conditions defines current service state of the HCloudMachineTemplate. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + ownerType: + description: OwnerType is the type of object that owns the HCloudMachineTemplate. 
+ type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hcloudremediations.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HCloudRemediation + listKind: HCloudRemediationList + plural: hcloudremediations + shortNames: + - hcr + - hcloudremediation + singular: hcloudremediation + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Timeout for the remediation + jsonPath: .spec.strategy.timeout + name: Timeout + type: string + - description: Phase of the remediation + jsonPath: .status.phase + name: Phase + type: string + - description: Timestamp of the last remediation attempt + jsonPath: .status.lastRemediated + name: Last Remediated + type: string + - description: How many times remediation controller has tried to remediate the + node + jsonPath: .status.retryCount + name: Retry count + type: string + - description: How many times remediation controller should attempt to remediate + the node + jsonPath: .spec.strategy.retryLimit + name: Retry limit + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + 
openAPIV3Schema: + description: HCloudRemediation is the Schema for the hcloudremediations API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HCloudRemediationSpec defines the desired state of HCloudRemediation. + properties: + strategy: + description: Strategy field defines remediation strategy. + properties: + retryLimit: + description: Sets maximum number of remediation retries. + type: integer + timeout: + description: Sets the timeout between remediation retries. + type: string + type: + default: Reboot + description: Type of remediation. + type: string + required: + - timeout + type: object + type: object + status: + description: HCloudRemediationStatus defines the observed state of HCloudRemediation. + properties: + conditions: + description: Conditions defines current service state of the HCloudRemediation. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. 
+ format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + lastRemediated: + description: LastRemediated identifies when the host was last remediated + format: date-time + type: string + phase: + description: Phase represents the current phase of machine remediation. + E.g. Pending, Running, Done etc. + type: string + retryCount: + description: RetryCount can be used as a counter during the remediation. + Field can hold number of reboots etc. 
+ type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hcloudremediationtemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HCloudRemediationTemplate + listKind: HCloudRemediationTemplateList + plural: hcloudremediationtemplates + shortNames: + - hcrt + - hcremediationtemplate + - hcremediationtemplates + - hcloudrt + - hcloudremediationtemplate + singular: hcloudremediationtemplate + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Type of the remediation strategy + jsonPath: .spec.template.spec.strategy.type + name: Strategy + type: string + - description: How many times remediation controller should attempt to remediate + the node + jsonPath: .spec.template.spec.strategy.retryLimit + name: Retry limit + type: string + - description: Timeout for the remediation + jsonPath: .spec.template.spec.strategy.timeout + name: Timeout + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HCloudRemediationTemplate is the Schema for the hcloudremediationtemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. 
Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HCloudRemediationTemplateSpec defines the desired state of + HCloudRemediationTemplate. + properties: + template: + description: HCloudRemediationTemplateResource describes the data + needed to create a HCloudRemediation from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the HCloudRemediation. + properties: + strategy: + description: Strategy field defines remediation strategy. + properties: + retryLimit: + description: Sets maximum number of remediation retries. + type: integer + timeout: + description: Sets the timeout between remediation retries. + type: string + type: + default: Reboot + description: Type of remediation. + type: string + required: + - timeout + type: object + type: object + required: + - spec + type: object + required: + - template + type: object + status: + description: HCloudRemediationTemplateStatus defines the observed state + of HCloudRemediationTemplate. + properties: + status: + description: HCloudRemediationStatus defines the observed state of + HCloudRemediation + properties: + conditions: + description: Conditions defines current service state of the HCloudRemediation. + items: + description: Condition defines an observation of a Cluster API + resource operational state. 
+ properties: + lastTransitionTime: + description: Last time the condition transitioned from one + status to another. This should be when the underlying + condition changed. If that is not known, then using the + time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details + about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not + this field is considered a guaranteed API. This field + may not be empty. + type: string + severity: + description: Severity provides an explicit classification + of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, + Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict + is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + lastRemediated: + description: LastRemediated identifies when the host was last + remediated + format: date-time + type: string + phase: + description: Phase represents the current phase of machine remediation. + E.g. Pending, Running, Done etc. + type: string + retryCount: + description: RetryCount can be used as a counter during the remediation. + Field can hold number of reboots etc. 
+ type: integer + type: object + required: + - status + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerbaremetalhosts.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + kind: HetznerBareMetalHost + listKind: HetznerBareMetalHostList + plural: hetznerbaremetalhosts + shortNames: + - hbmh + - hbmhost + singular: hetznerbaremetalhost + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Phase of provisioning + jsonPath: .spec.status.provisioningState + name: Phase + type: string + - description: IPv4 of the host + jsonPath: .spec.status.ipv4 + name: IPv4 + type: string + - description: IPv6 of the host + jsonPath: .spec.status.ipv6 + name: IPv6 + type: string + - description: Maintenance Mode + jsonPath: .spec.maintenanceMode + name: Maintenance + type: boolean + - description: CPU threads + jsonPath: .spec.status.hardwareDetails.cpu.threads + name: CPU + type: string + - description: RAM in GB + jsonPath: .spec.status.hardwareDetails.ramGB + name: RAM + type: string + - description: HetznerBareMetalMachine using this host + jsonPath: .spec.consumerRef.name + name: HetznerBareMetalMachine + type: string + - description: Time duration since creation of BaremetalHost + jsonPath: .metadata.creationTimestamp + name: Age + 
type: date + - jsonPath: .spec.status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .spec.status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerBareMetalHost is the Schema for the hetznerbaremetalhosts + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerBareMetalHostSpec defines the desired state of HetznerBareMetalHost. + properties: + consumerRef: + description: ConsumerRef is a reference to the HetznerBareMetalMachine + that is using this host. When it is not empty, the host is considered + "in use". + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). 
This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + description: + description: Description is a human-entered text used to help identify + the host + type: string + maintenanceMode: + description: MaintenanceMode indicates that a machine is supposed + to be deprovisioned and won't be selected by any Hetzner bare metal + machine. + type: boolean + rootDeviceHints: + description: Provide guidance about how to choose the device for the + image being provisioned. They need to be specified to provision + the host. + properties: + raid: + description: To specify multiple storage devices. + properties: + wwn: + items: + type: string + type: array + type: object + wwn: + description: Unique storage identifier. The hint must match the + actual value exactly. + type: string + type: object + serverID: + description: ServerID defines the ID of the server provided by Hetzner. 
+ type: integer + status: + description: Status contains all status information. DO NOT EDIT!!! + properties: + conditions: + description: Conditions defines current service state of the HetznerBareMetalHost. + items: + description: Condition defines an observation of a Cluster API + resource operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one + status to another. This should be when the underlying + condition changed. If that is not known, then using the + time when the API field changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details + about the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not + this field is considered a guaranteed API. This field + may not be empty. + type: string + severity: + description: Severity provides an explicit classification + of Reason code, so the users or machines can immediately + understand the current situation and act accordingly. + The Severity field MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, + Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict + is important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + errorCount: + default: 0 + description: ErrorCount records how many times the host has encoutered + an error since the last successful operation. + type: integer + errorMessage: + description: the last error message reported by the provisioning + subsystem. 
+ type: string + errorType: + description: ErrorType indicates the type of failure encountered + when the OperationalStatus is OperationalStatusError + type: string + hardwareDetails: + description: StatusHardwareDetails are automatically gathered + and should not be modified by the user. + properties: + cpu: + description: CPU describes one processor on the host. + properties: + arch: + type: string + clockGigahertz: + description: ClockSpeed is a clock speed in MHz + format: double + type: string + cores: + type: integer + flags: + items: + type: string + type: array + model: + type: string + threads: + type: integer + type: object + nics: + items: + description: NIC describes one network interface on the + host. + properties: + ip: + description: The IP address of the interface. This will + be an IPv4 or IPv6 address if one is present. If + both IPv4 and IPv6 addresses are present in a dual-stack + environment, two nics will be output, one with each + IP. + type: string + mac: + description: The device MAC address + pattern: '[0-9a-fA-F]{2}(:[0-9a-fA-F]{2}){5}' + type: string + model: + description: The vendor and product IDs of the NIC, + e.g. "0x8086 0x1572" + type: string + name: + description: The name of the network interface, e.g. + "en0" + type: string + speedMbps: + description: The speed of the device in Gigabits per + second + type: integer + type: object + type: array + ramGB: + type: integer + storage: + items: + description: Storage describes one storage device (disk, + SSD, etc.) on the host. + properties: + hctl: + description: The SCSI location of the device + type: string + model: + description: Hardware model + type: string + name: + description: The Linux device name of the disk, e.g. + "/dev/sda". Note that this may not be stable across + reboots. + type: string + rota: + description: Rota defines if its a HDD device or not. 
+ type: boolean + serialNumber: + description: The serial number of the device + type: string + sizeBytes: + description: The size of the disk in Bytes + format: int64 + type: integer + sizeGB: + description: The size of the disk in GB + format: int64 + type: integer + vendor: + description: The name of the vendor of the device + type: string + wwn: + description: The WWN of the device + type: string + type: object + type: array + type: object + hetznerClusterRef: + description: HetznerClusterRef is the name of the HetznerCluster + object which is needed as some necessary information is stored + there, e.g. the hrobot password + type: string + installImage: + description: InstallImage is the configuration which is used for + the autosetup configuration for installing an OS via InstallImage. + properties: + btrfsDefinitions: + description: BTRFSDefinitions defines the btrfs subvolume + definitions to be created. + items: + description: BTRFSDefinition defines the btrfs subvolume + definitions to be created. + properties: + mount: + description: Mount defines the mountpath. + type: string + subvolume: + description: SubVolume defines the subvolume name. + type: string + volume: + description: Volume defines the btrfs volume name. + type: string + required: + - mount + - subvolume + - volume + type: object + type: array + image: + description: Image is the image to be provisioned. + properties: + name: + description: Name defines the archive name after download. + This has to be a valid name for Installimage. + type: string + path: + description: Path is the local path for a preinstalled + image from upstream. + type: string + url: + description: URL defines the remote URL for downloading + a tar, tar.gz, tar.bz, tar.bz2, tar.xz, tgz, tbz, txz + image. + type: string + type: object + logicalVolumeDefinitions: + description: LVMDefinitions defines the logical volume definitions + to be created. 
+ items: + description: LVMDefinition defines the logical volume definitions + to be created. + properties: + filesystem: + description: FileSystem defines the filesystem for this + logical volume. + type: string + mount: + description: Mount defines the mountpath. + type: string + name: + description: Name defines the volume name. + type: string + size: + description: Size defines the size in M/G/T or MiB/GiB/TiB. + type: string + vg: + description: VG defines the vg name. + type: string + required: + - filesystem + - mount + - name + - size + - vg + type: object + type: array + partitions: + description: Partitions defines the additional Partitions + to be created. + items: + description: Partition defines the additional Partitions + to be created. + properties: + fileSystem: + description: FileSystem can be ext2, ext3, ext4, btrfs, + reiserfs, xfs, swap or name of the LVM volume group + (VG), if this PART is a VG. + type: string + mount: + description: 'Mount defines the mount path for this + filesystem. or keyword ''lvm'' to use this PART as + volume group (VG) for LVM identifier ''btrfs.X'' to + use this PART as volume for btrfs subvolumes. X can + be replaced with a unique alphanumeric keyword. NOTE: + no support btrfs multi-device volumes' + type: string + size: + description: Size can use the keyword 'all' to assign + all the remaining space of the drive to the last partition. + can use M/G/T for unit specification in MiB/GiB/TiB + type: string + required: + - fileSystem + - mount + - size + type: object + type: array + postInstallScript: + description: PostInstallScript is used for configuring commands + which should be executed after installimage. It is passed + along with the installimage command. + type: string + swraid: + default: 0 + description: Swraid defines the SWRAID in InstallImage. + enum: + - 0 + - 1 + type: integer + swraidLevel: + default: 1 + description: SwraidLevel defines the SWRAIDLEVEL in InstallImage. + Ignored if Swraid=0. 
+ enum: + - 0 + - 1 + - 5 + - 6 + - 10 + type: integer + required: + - image + - partitions + type: object + ipv4: + description: IPv4 address of server. + type: string + ipv6: + description: IPv6 address of server. + type: string + lastUpdated: + description: the last error message reported by the provisioning + subsystem. + format: date-time + type: string + provisioningState: + description: Information tracked by the provisioner. + type: string + rebootTypes: + description: RebootTypes is a list of all available reboot types + for API reboots + items: + description: RebootType defines the reboot type of servers via + Hetzner robot API. + type: string + type: array + rebooted: + description: Rebooted shows whether the server is currently being + rebooted. + type: boolean + sshSpec: + description: SSHSpec defines specs for SSH. + properties: + portAfterCloudInit: + description: PortAfterCloudInit specifies the port that has + to be used to connect to the machine after cloud init. + type: integer + portAfterInstallImage: + default: 22 + description: PortAfterInstallImage specifies the port that + has to be used to connect to the machine after install image. + type: integer + secretRef: + description: SecretRef gives reference to the secret. + properties: + key: + description: SSHSecretKeyRef defines the key name of the + SSHSecret. + properties: + name: + type: string + privateKey: + type: string + publicKey: + type: string + required: + - name + - privateKey + - publicKey + type: object + name: + type: string + required: + - key + - name + type: object + required: + - secretRef + type: object + sshStatus: + description: HetznerRobotSSHKey contains name and fingerprint + of the in HetznerCluster spec specified SSH key. + properties: + currentOS: + description: CurrentOS gives information about the secret + where the os ssh key is stored. + properties: + credentials: + description: SecretReference represents a Secret Reference. 
+ It has enough information to retrieve secret in any + namespace + properties: + name: + description: name is unique within a namespace to + reference a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + credentialsDataHash: + format: byte + type: string + credentialsVersion: + type: string + type: object + currentRescue: + description: CurrentRescue gives information about the secret + where the rescue ssh key is stored. + properties: + credentials: + description: SecretReference represents a Secret Reference. + It has enough information to retrieve secret in any + namespace + properties: + name: + description: name is unique within a namespace to + reference a secret resource. + type: string + namespace: + description: namespace defines the space within which + the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + credentialsDataHash: + format: byte + type: string + credentialsVersion: + type: string + type: object + osKey: + description: OSKey contains name and fingerprint of the in + HetznerBareMetalMachine spec specified SSH key. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + rescueKey: + description: RescueKey contains name and fingerprint of the + in HetznerCluster spec specified SSH key. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + type: object + userData: + description: UserData holds the reference to the Secret containing + the user data to be passed to the host before it boots. 
+ properties: + name: + description: name is unique within a namespace to reference + a secret resource. + type: string + namespace: + description: namespace defines the space within which the + secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + required: + - errorCount + - hetznerClusterRef + type: object + required: + - serverID + type: object + status: + description: HetznerBareMetalHostStatus defines the observed state of + HetznerBareMetalHost. + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerbaremetalmachines.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerBareMetalMachine + listKind: HetznerBareMetalMachineList + plural: hetznerbaremetalmachines + shortNames: + - hbm + - hbmm + - hbmachine + - hbmachines + - hetznerbaremetalm + - hetznerbaremetalmachine + singular: hetznerbaremetalmachine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster to which this HetznerBareMetalMachine belongs + jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name + name: Cluster + type: string + - description: HetznerBareMetalHost + jsonPath: .metadata.annotations.infrastructure\.cluster\.x-k8s\.io/HetznerBareMetalHost + name: Host + 
type: string + - description: Machine object which owns with this HetznerBareMetalMachine + jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name + name: Machine + type: string + - description: HetznerBareMetalMachine status such as Pending/Provisioning/Running + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of HetznerBareMetalMachine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerBareMetalMachine is the Schema for the hetznerbaremetalmachines + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerBareMetalMachineSpec defines the desired state of + HetznerBareMetalMachine. + properties: + hostSelector: + description: HostSelector specifies matching criteria for labels on + HetznerBareMetalHosts. This is used to limit the set of HetznerBareMetalHost + objects considered for claiming for a HetznerBareMetalMachine. 
+ properties: + matchExpressions: + description: Label match expressions that must be true on a chosen + BareMetalHost + items: + description: HostSelectorRequirement defines a requirement used + for MatchExpressions to select host machines. + properties: + key: + type: string + operator: + description: Operator represents a key/field's relationship + to value(s). See labels.Requirement and fields.Requirement + for more details. + type: string + values: + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: Key/value pairs of labels that must exist on a chosen + BareMetalHost + type: object + type: object + installImage: + description: InstallImage is the configuration which is used for the + autosetup configuration for installing an OS via InstallImage. + properties: + btrfsDefinitions: + description: BTRFSDefinitions defines the btrfs subvolume definitions + to be created. + items: + description: BTRFSDefinition defines the btrfs subvolume definitions + to be created. + properties: + mount: + description: Mount defines the mountpath. + type: string + subvolume: + description: SubVolume defines the subvolume name. + type: string + volume: + description: Volume defines the btrfs volume name. + type: string + required: + - mount + - subvolume + - volume + type: object + type: array + image: + description: Image is the image to be provisioned. + properties: + name: + description: Name defines the archive name after download. + This has to be a valid name for Installimage. + type: string + path: + description: Path is the local path for a preinstalled image + from upstream. + type: string + url: + description: URL defines the remote URL for downloading a + tar, tar.gz, tar.bz, tar.bz2, tar.xz, tgz, tbz, txz image. 
+ type: string + type: object + logicalVolumeDefinitions: + description: LVMDefinitions defines the logical volume definitions + to be created. + items: + description: LVMDefinition defines the logical volume definitions + to be created. + properties: + filesystem: + description: FileSystem defines the filesystem for this + logical volume. + type: string + mount: + description: Mount defines the mountpath. + type: string + name: + description: Name defines the volume name. + type: string + size: + description: Size defines the size in M/G/T or MiB/GiB/TiB. + type: string + vg: + description: VG defines the vg name. + type: string + required: + - filesystem + - mount + - name + - size + - vg + type: object + type: array + partitions: + description: Partitions defines the additional Partitions to be + created. + items: + description: Partition defines the additional Partitions to + be created. + properties: + fileSystem: + description: FileSystem can be ext2, ext3, ext4, btrfs, + reiserfs, xfs, swap or name of the LVM volume group (VG), + if this PART is a VG. + type: string + mount: + description: 'Mount defines the mount path for this filesystem. + or keyword ''lvm'' to use this PART as volume group (VG) + for LVM identifier ''btrfs.X'' to use this PART as volume + for btrfs subvolumes. X can be replaced with a unique + alphanumeric keyword. NOTE: no support btrfs multi-device + volumes' + type: string + size: + description: Size can use the keyword 'all' to assign all + the remaining space of the drive to the last partition. + can use M/G/T for unit specification in MiB/GiB/TiB + type: string + required: + - fileSystem + - mount + - size + type: object + type: array + postInstallScript: + description: PostInstallScript is used for configuring commands + which should be executed after installimage. It is passed along + with the installimage command. + type: string + swraid: + default: 0 + description: Swraid defines the SWRAID in InstallImage. 
+ enum: + - 0 + - 1 + type: integer + swraidLevel: + default: 1 + description: SwraidLevel defines the SWRAIDLEVEL in InstallImage. + Ignored if Swraid=0. + enum: + - 0 + - 1 + - 5 + - 6 + - 10 + type: integer + required: + - image + - partitions + type: object + providerID: + description: ProviderID will be the hetznerbaremetalmachine in ProviderID + format (hcloud://) + type: string + sshSpec: + description: SSHSpec gives a reference on the secret where SSH details + are specified as well as ports for ssh. + properties: + portAfterCloudInit: + description: PortAfterCloudInit specifies the port that has to + be used to connect to the machine after cloud init. + type: integer + portAfterInstallImage: + default: 22 + description: PortAfterInstallImage specifies the port that has + to be used to connect to the machine after install image. + type: integer + secretRef: + description: SecretRef gives reference to the secret. + properties: + key: + description: SSHSecretKeyRef defines the key name of the SSHSecret. + properties: + name: + type: string + privateKey: + type: string + publicKey: + type: string + required: + - name + - privateKey + - publicKey + type: object + name: + type: string + required: + - key + - name + type: object + required: + - secretRef + type: object + required: + - installImage + type: object + status: + description: HetznerBareMetalMachineStatus defines the observed state + of HetznerBareMetalMachine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. 
+ type: string + required: + - address + - type + type: object + type: array + conditions: + description: Conditions defines current service state of the HetznerBareMetalMachine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage will be set in the event that there is + a terminal problem. + type: string + failureReason: + description: FailureReason will be set in the event that there is + a terminal problem. 
+ type: string + lastUpdated: + description: LastUpdated identifies when this status was last observed. + format: date-time + type: string + phase: + description: Phase represents the current phase of HetznerBareMetalMachineStatus + actuation. E.g. Pending, Running, Terminating, Failed etc. + type: string + ready: + description: Ready is the state of the hetznerbaremetalmachine. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerbaremetalmachinetemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerBareMetalMachineTemplate + listKind: HetznerBareMetalMachineTemplateList + plural: hetznerbaremetalmachinetemplates + shortNames: + - hbmt + - hbmmtemplate + - hetznerbaremetalmachinetemplates + - hetznerbaremetalmachinetemplate + singular: hetznerbaremetalmachinetemplate + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of HetznerBareMetalMachineTemplate + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerBareMetalMachineTemplate is the Schema for the hetznerbaremetalmachinetemplates + API. 
+ properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerBareMetalMachineTemplateSpec defines the desired state + of HetznerBareMetalMachineTemplate. + properties: + template: + description: HetznerBareMetalMachineTemplateResource describes the + data needed to create a HetznerBareMetalMachine from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the machine. + properties: + hostSelector: + description: HostSelector specifies matching criteria for + labels on HetznerBareMetalHosts. This is used to limit the + set of HetznerBareMetalHost objects considered for claiming + for a HetznerBareMetalMachine. + properties: + matchExpressions: + description: Label match expressions that must be true + on a chosen BareMetalHost + items: + description: HostSelectorRequirement defines a requirement + used for MatchExpressions to select host machines. + properties: + key: + type: string + operator: + description: Operator represents a key/field's relationship + to value(s). See labels.Requirement and fields.Requirement + for more details. 
+ type: string + values: + items: + type: string + type: array + required: + - key + - operator + - values + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: Key/value pairs of labels that must exist + on a chosen BareMetalHost + type: object + type: object + installImage: + description: InstallImage is the configuration which is used + for the autosetup configuration for installing an OS via + InstallImage. + properties: + btrfsDefinitions: + description: BTRFSDefinitions defines the btrfs subvolume + definitions to be created. + items: + description: BTRFSDefinition defines the btrfs subvolume + definitions to be created. + properties: + mount: + description: Mount defines the mountpath. + type: string + subvolume: + description: SubVolume defines the subvolume name. + type: string + volume: + description: Volume defines the btrfs volume name. + type: string + required: + - mount + - subvolume + - volume + type: object + type: array + image: + description: Image is the image to be provisioned. + properties: + name: + description: Name defines the archive name after download. + This has to be a valid name for Installimage. + type: string + path: + description: Path is the local path for a preinstalled + image from upstream. + type: string + url: + description: URL defines the remote URL for downloading + a tar, tar.gz, tar.bz, tar.bz2, tar.xz, tgz, tbz, + txz image. + type: string + type: object + logicalVolumeDefinitions: + description: LVMDefinitions defines the logical volume + definitions to be created. + items: + description: LVMDefinition defines the logical volume + definitions to be created. + properties: + filesystem: + description: FileSystem defines the filesystem for + this logical volume. + type: string + mount: + description: Mount defines the mountpath. + type: string + name: + description: Name defines the volume name. + type: string + size: + description: Size defines the size in M/G/T or MiB/GiB/TiB. 
+ type: string + vg: + description: VG defines the vg name. + type: string + required: + - filesystem + - mount + - name + - size + - vg + type: object + type: array + partitions: + description: Partitions defines the additional Partitions + to be created. + items: + description: Partition defines the additional Partitions + to be created. + properties: + fileSystem: + description: FileSystem can be ext2, ext3, ext4, + btrfs, reiserfs, xfs, swap or name of the LVM + volume group (VG), if this PART is a VG. + type: string + mount: + description: 'Mount defines the mount path for this + filesystem. or keyword ''lvm'' to use this PART + as volume group (VG) for LVM identifier ''btrfs.X'' + to use this PART as volume for btrfs subvolumes. + X can be replaced with a unique alphanumeric keyword. + NOTE: no support btrfs multi-device volumes' + type: string + size: + description: Size can use the keyword 'all' to assign + all the remaining space of the drive to the last + partition. can use M/G/T for unit specification + in MiB/GiB/TiB + type: string + required: + - fileSystem + - mount + - size + type: object + type: array + postInstallScript: + description: PostInstallScript is used for configuring + commands which should be executed after installimage. + It is passed along with the installimage command. + type: string + swraid: + default: 0 + description: Swraid defines the SWRAID in InstallImage. + enum: + - 0 + - 1 + type: integer + swraidLevel: + default: 1 + description: SwraidLevel defines the SWRAIDLEVEL in InstallImage. + Ignored if Swraid=0. + enum: + - 0 + - 1 + - 5 + - 6 + - 10 + type: integer + required: + - image + - partitions + type: object + providerID: + description: ProviderID will be the hetznerbaremetalmachine + in ProviderID format (hcloud://) + type: string + sshSpec: + description: SSHSpec gives a reference on the secret where + SSH details are specified as well as ports for ssh. 
+ properties: + portAfterCloudInit: + description: PortAfterCloudInit specifies the port that + has to be used to connect to the machine after cloud + init. + type: integer + portAfterInstallImage: + default: 22 + description: PortAfterInstallImage specifies the port + that has to be used to connect to the machine after + install image. + type: integer + secretRef: + description: SecretRef gives reference to the secret. + properties: + key: + description: SSHSecretKeyRef defines the key name + of the SSHSecret. + properties: + name: + type: string + privateKey: + type: string + publicKey: + type: string + required: + - name + - privateKey + - publicKey + type: object + name: + type: string + required: + - key + - name + type: object + required: + - secretRef + type: object + required: + - installImage + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerbaremetalremediations.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerBareMetalRemediation + listKind: HetznerBareMetalRemediationList + plural: hetznerbaremetalremediations + shortNames: + - hbr + - hbremediation + singular: hetznerbaremetalremediation + scope: Namespaced + versions: + 
- additionalPrinterColumns: + - description: Type of the remediation strategy + jsonPath: .spec.strategy.type + name: Strategy + type: string + - description: How many times remediation controller should attempt to remediate + the host + jsonPath: .spec.strategy.retryLimit + name: Retry limit + type: string + - description: Timeout for the remediation + jsonPath: .spec.strategy.timeout + name: Timeout + type: string + - description: Phase of the remediation + jsonPath: .status.phase + name: Phase + type: string + - description: Timestamp of the last remediation attempt + jsonPath: .status.lastRemediated + name: Last Remediated + type: string + - description: How many times remediation controller has tried to remediate the + node + jsonPath: .status.retryCount + name: Retry count + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerBareMetalRemediation is the Schema for the hetznerbaremetalremediations + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerBareMetalRemediationSpec defines the desired state + of HetznerBareMetalRemediation. + properties: + strategy: + description: Strategy field defines remediation strategy. + properties: + retryLimit: + description: Sets maximum number of remediation retries. 
+ type: integer + timeout: + description: Sets the timeout between remediation retries. + type: string + type: + default: Reboot + description: Type of remediation. + type: string + required: + - timeout + type: object + type: object + status: + description: HetznerBareMetalRemediationStatus defines the observed state + of HetznerBareMetalRemediation. + properties: + lastRemediated: + description: LastRemediated identifies when the host was last remediated + format: date-time + type: string + phase: + description: Phase represents the current phase of machine remediation. + E.g. Pending, Running, Done etc. + type: string + retryCount: + description: RetryCount can be used as a counter during the remediation. + Field can hold number of reboots etc. + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerbaremetalremediationtemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerBareMetalRemediationTemplate + listKind: HetznerBareMetalRemediationTemplateList + plural: hetznerbaremetalremediationtemplates + shortNames: + - hbrt + - hbremediationtemplate + - hbremediationtemplates + - hetznerbaremetalrt + - hetznerbaremetalremediationtemplate + singular: hetznerbaremetalremediationtemplate 
+ scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Type of the remediation strategy + jsonPath: .spec.template.spec.strategy.type + name: Strategy + type: string + - description: How many times remediation controller should attempt to remediate + the host + jsonPath: .spec.template.spec.strategy.retryLimit + name: Retry limit + type: string + - description: Timeout for the remediation + jsonPath: .spec.template.spec.strategy.timeout + name: Timeout + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerBareMetalRemediationTemplate is the Schema for the hetznerbaremetalremediationtemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerBareMetalRemediationTemplateSpec defines the desired + state of HetznerBareMetalRemediationTemplate. + properties: + template: + description: HetznerBareMetalRemediationTemplateResource describes + the data needed to create a HetznerBareMetalRemediation from a template. + properties: + spec: + description: Spec is the specification of the desired behavior + of the HetznerBareMetalRemediation. + properties: + strategy: + description: Strategy field defines remediation strategy. + properties: + retryLimit: + description: Sets maximum number of remediation retries. 
+ type: integer + timeout: + description: Sets the timeout between remediation retries. + type: string + type: + default: Reboot + description: Type of remediation. + type: string + required: + - timeout + type: object + type: object + required: + - spec + type: object + required: + - template + type: object + status: + description: HetznerBareMetalRemediationTemplateStatus defines the observed + state of HetznerBareMetalRemediationTemplate. + properties: + status: + description: HetznerBareMetalRemediationStatus defines the observed + state of HetznerBareMetalRemediation + properties: + lastRemediated: + description: LastRemediated identifies when the host was last + remediated + format: date-time + type: string + phase: + description: Phase represents the current phase of machine remediation. + E.g. Pending, Running, Done etc. + type: string + retryCount: + description: RetryCount can be used as a counter during the remediation. + Field can hold number of reboots etc. + type: integer + type: object + required: + - status + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerclusters.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerCluster + listKind: HetznerClusterList + plural: hetznerclusters + 
shortNames: + - capihc + singular: hetznercluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster to which this HetznerCluster belongs + jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name + name: Cluster + type: string + - description: Cluster infrastructure is ready for Nodes + jsonPath: .status.ready + name: Ready + type: string + - description: API Endpoint + jsonPath: .spec.controlPlaneEndpoint + name: Endpoint + priority: 1 + type: string + - description: Control plane regions + jsonPath: .spec.controlPlaneRegions + name: Regions + type: string + - description: Indicates if private network is enabled. + jsonPath: .spec.hcloudNetwork.enabled + name: Network enabled + type: boolean + - jsonPath: .status.conditions[?(@.type=='Ready')].reason + name: Reason + type: string + - jsonPath: .status.conditions[?(@.type=='Ready')].message + name: Message + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerCluster is the Schema for the hetznercluster API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerClusterSpec defines the desired state of HetznerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. 
+ properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneLoadBalancer: + description: ControlPlaneLoadBalancer is optional configuration for + customizing control plane behavior. Naming convention is from upstream + cluster-api project. + properties: + algorithm: + allOf: + - enum: + - round_robin + - least_connections + - enum: + - round_robin + - least_connections + default: round_robin + description: Could be round_robin or least_connection. The default + value is "round_robin". + type: string + enabled: + default: true + type: boolean + extraServices: + description: Defines how traffic will be routed from the Load + Balancer to your target server. + items: + description: LoadBalancerServiceSpec defines a Loadbalancer + Target. + properties: + destinationPort: + description: DestinationPort defines the port on the server. + maximum: 65535 + minimum: 1 + type: integer + listenPort: + description: ListenPort, i.e. source port, defines the incoming + port open on the loadbalancer. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: Protocol specifies the supported Loadbalancer + Protocol. + enum: + - http + - https + - tcp + type: string + type: object + type: array + name: + type: string + port: + default: 6443 + description: API Server port. It must be valid ports range (1-65535). + If omitted, default value is 6443. + maximum: 65535 + minimum: 1 + type: integer + region: + description: Region contains the name of the HCloud location the + load balancer is running. 
+ enum: + - fsn1 + - hel1 + - nbg1 + - ash + - hil + type: string + type: + default: lb11 + description: Loadbalancer type + enum: + - lb11 + - lb21 + - lb31 + type: string + type: object + controlPlaneRegions: + description: ControlPlaneRegion consists of a list of HCloud Regions + (fsn, nbg, hel). Because HCloud Networks have a very low latency + we could assume in some use-cases that a region is behaving like + a zone https://kubernetes.io/docs/reference/labels-annotations-taints/#topologykubernetesiozone + items: + description: Region is a Hetzner Location + enum: + - fsn1 + - hel1 + - nbg1 + - ash + - hil + type: string + type: array + hcloudNetwork: + description: HCloudNetworkSpec defines the Network for Hetzner Cloud. + If left empty no private Network is configured. + properties: + cidrBlock: + default: 10.0.0.0/16 + description: CIDRBlock defines the cidrBlock of the HCloud Network. + A Subnet is required. + type: string + enabled: + description: Enabled defines whether the network should be enabled + or not + type: boolean + networkZone: + default: eu-central + description: NetworkZone specifies the HCloud network zone of + the private network. + enum: + - eu-central + - us-east + - us-west + type: string + subnetCidrBlock: + default: 10.0.0.0/24 + description: SubnetCIDRBlock defines the cidrBlock for the subnet + of the HCloud Network. + type: string + required: + - enabled + type: object + hcloudPlacementGroups: + items: + description: HCloudPlacementGroupSpec defines a PlacementGroup. + properties: + name: + minLength: 1 + type: string + type: + default: spread + enum: + - spread + type: string + required: + - name + type: object + type: array + hetznerSecretRef: + description: HetznerSecretRef is a reference to a token to be used + when reconciling this cluster. This is generated in the security + section under API TOKENS. Read & write is necessary. + properties: + key: + description: HetznerSecretKeyRef defines the key name of the HetznerSecret. 
+ Need to specify either HCloudToken or both HetznerRobotUser + and HetznerRobotPassword. + properties: + hcloudToken: + type: string + hetznerRobotPassword: + type: string + hetznerRobotUser: + type: string + type: object + name: + type: string + required: + - key + - name + type: object + sshKeys: + description: SSHKeys are cluster wide. Valid values are a valid SSH + key name. + properties: + hcloud: + items: + description: SSHKey defines the SSHKey for HCloud. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + type: array + robotRescueSecretRef: + description: SSHSecretRef defines the secret containing all information + of the SSH key used for Hetzner robot. + properties: + key: + description: SSHSecretKeyRef defines the key name of the SSHSecret. + properties: + name: + type: string + privateKey: + type: string + publicKey: + type: string + required: + - name + - privateKey + - publicKey + type: object + name: + type: string + required: + - key + - name + type: object + type: object + required: + - controlPlaneRegions + - hetznerSecretRef + - sshKeys + type: object + status: + description: HetznerClusterStatus defines the observed state of HetznerCluster. + properties: + conditions: + description: Conditions provide observations of the operational state + of a Cluster API resource. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. 
+ type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + controlPlaneLoadBalancer: + description: LoadBalancerStatus defines the obeserved state of the + control plane loadbalancer. + properties: + id: + format: int64 + type: integer + internalIP: + type: string + ipv4: + type: string + ipv6: + type: string + protected: + type: boolean + targets: + items: + description: LoadBalancerTarget defines the target of a load + balancer. + properties: + ip: + type: string + serverID: + format: int64 + type: integer + type: + description: LoadBalancerTargetType defines the target type. + enum: + - server + - ip + type: string + required: + - type + type: object + type: array + type: object + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. 
+ properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of FailureDomains. + type: object + hcloudPlacementGroups: + items: + description: HCloudPlacementGroupStatus returns the status of a + Placementgroup. + properties: + id: + format: int64 + type: integer + name: + type: string + servers: + items: + format: int64 + type: integer + type: array + type: + type: string + type: object + type: array + networkStatus: + description: NetworkStatus defines the observed state of the HCloud + Private Network. + properties: + attachedServers: + items: + format: int64 + type: integer + type: array + id: + format: int64 + type: integer + type: object + ready: + default: false + type: boolean + required: + - ready + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + controller-gen.kubebuilder.io/version: v0.12.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + cluster.x-k8s.io/v1beta1: v1beta1 + clusterctl.cluster.x-k8s.io: "" + name: hetznerclustertemplates.infrastructure.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /convert + conversionReviewVersions: + - v1 + group: infrastructure.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: HetznerClusterTemplate + listKind: HetznerClusterTemplateList 
+ plural: hetznerclustertemplates + shortNames: + - capihct + singular: hetznerclustertemplate + scope: Namespaced + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + description: HetznerClusterTemplate is the Schema for the hetznerclustertemplates + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HetznerClusterTemplateSpec defines the desired state of HetznerClusterTemplate. + properties: + template: + description: HetznerClusterTemplateResource contains spec for HetznerClusterSpec. + properties: + metadata: + description: "ObjectMeta is metadata that all persisted resources + must have, which includes all objects users must create. This + is a copy of customizable fields from metav1.ObjectMeta. \n + ObjectMeta is embedded in `Machine.Spec`, `MachineDeployment.Template` + and `MachineSet.Template`, which are not top-level Kubernetes + objects. Given that metav1.ObjectMeta has lots of special cases + and read-only fields which end up in the generated CRD validation, + having it as a subset simplifies the API and some issues that + can impact user experience. 
\n During the [upgrade to controller-tools@v2](https://github.com/kubernetes-sigs/cluster-api/pull/1054) + for v1alpha2, we noticed a failure would occur running Cluster + API test suite against the new CRDs, specifically `spec.metadata.creationTimestamp + in body must be of type string: \"null\"`. The investigation + showed that `controller-tools@v2` behaves differently than its + previous version when handling types from [metav1](k8s.io/apimachinery/pkg/apis/meta/v1) + package. \n In more details, we found that embedded (non-top + level) types that embedded `metav1.ObjectMeta` had validation + properties, including for `creationTimestamp` (metav1.Time). + The `metav1.Time` type specifies a custom json marshaller that, + when IsZero() is true, returns `null` which breaks validation + because the field isn't marked as nullable. \n In future versions, + controller-tools@v2 might allow overriding the type and validation + for embedded types. When that happens, this hack should be revisited." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: HetznerClusterSpec defines the desired state of HetznerCluster. + properties: + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint + used to communicate with the control plane. 
+ properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneLoadBalancer: + description: ControlPlaneLoadBalancer is optional configuration + for customizing control plane behavior. Naming convention + is from upstream cluster-api project. + properties: + algorithm: + allOf: + - enum: + - round_robin + - least_connections + - enum: + - round_robin + - least_connections + default: round_robin + description: Could be round_robin or least_connection. + The default value is "round_robin". + type: string + enabled: + default: true + type: boolean + extraServices: + description: Defines how traffic will be routed from the + Load Balancer to your target server. + items: + description: LoadBalancerServiceSpec defines a Loadbalancer + Target. + properties: + destinationPort: + description: DestinationPort defines the port on + the server. + maximum: 65535 + minimum: 1 + type: integer + listenPort: + description: ListenPort, i.e. source port, defines + the incoming port open on the loadbalancer. + maximum: 65535 + minimum: 1 + type: integer + protocol: + description: Protocol specifies the supported Loadbalancer + Protocol. + enum: + - http + - https + - tcp + type: string + type: object + type: array + name: + type: string + port: + default: 6443 + description: API Server port. It must be valid ports range + (1-65535). If omitted, default value is 6443. + maximum: 65535 + minimum: 1 + type: integer + region: + description: Region contains the name of the HCloud location + the load balancer is running. 
+ enum: + - fsn1 + - hel1 + - nbg1 + - ash + - hil + type: string + type: + default: lb11 + description: Loadbalancer type + enum: + - lb11 + - lb21 + - lb31 + type: string + type: object + controlPlaneRegions: + description: ControlPlaneRegion consists of a list of HCloud + Regions (fsn, nbg, hel). Because HCloud Networks have a + very low latency we could assume in some use-cases that + a region is behaving like a zone https://kubernetes.io/docs/reference/labels-annotations-taints/#topologykubernetesiozone + items: + description: Region is a Hetzner Location + enum: + - fsn1 + - hel1 + - nbg1 + - ash + - hil + type: string + type: array + hcloudNetwork: + description: HCloudNetworkSpec defines the Network for Hetzner + Cloud. If left empty no private Network is configured. + properties: + cidrBlock: + default: 10.0.0.0/16 + description: CIDRBlock defines the cidrBlock of the HCloud + Network. A Subnet is required. + type: string + enabled: + description: Enabled defines whether the network should + be enabled or not + type: boolean + networkZone: + default: eu-central + description: NetworkZone specifies the HCloud network + zone of the private network. + enum: + - eu-central + - us-east + - us-west + type: string + subnetCidrBlock: + default: 10.0.0.0/24 + description: SubnetCIDRBlock defines the cidrBlock for + the subnet of the HCloud Network. + type: string + required: + - enabled + type: object + hcloudPlacementGroups: + items: + description: HCloudPlacementGroupSpec defines a PlacementGroup. + properties: + name: + minLength: 1 + type: string + type: + default: spread + enum: + - spread + type: string + required: + - name + type: object + type: array + hetznerSecretRef: + description: HetznerSecretRef is a reference to a token to + be used when reconciling this cluster. This is generated + in the security section under API TOKENS. Read & write is + necessary. 
+ properties: + key: + description: HetznerSecretKeyRef defines the key name + of the HetznerSecret. Need to specify either HCloudToken + or both HetznerRobotUser and HetznerRobotPassword. + properties: + hcloudToken: + type: string + hetznerRobotPassword: + type: string + hetznerRobotUser: + type: string + type: object + name: + type: string + required: + - key + - name + type: object + sshKeys: + description: SSHKeys are cluster wide. Valid values are a + valid SSH key name. + properties: + hcloud: + items: + description: SSHKey defines the SSHKey for HCloud. + properties: + fingerprint: + description: Fingerprint of SSH key - added by controller + type: string + name: + description: Name of SSH key + minLength: 1 + type: string + required: + - name + type: object + type: array + robotRescueSecretRef: + description: SSHSecretRef defines the secret containing + all information of the SSH key used for Hetzner robot. + properties: + key: + description: SSHSecretKeyRef defines the key name + of the SSHSecret. 
+ properties: + name: + type: string + privateKey: + type: string + publicKey: + type: string + required: + - name + - privateKey + - publicKey + type: object + name: + type: string + required: + - key + - name + type: object + type: object + required: + - controlPlaneRegions + - hetznerSecretRef + - sshKeys + type: object + required: + - spec + type: object + required: + - template + type: object + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-controller-manager + namespace: caph-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-leader-election-role + namespace: caph-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-manager-role +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - update + - watch +- apiGroups: + - certificates.k8s.io + resources: + - certificatesigningrequests + verbs: + - get + - list + - watch +- apiGroups: + - certificates.k8s.io + resources: + - certificatesigningrequests/approval + verbs: + - update +- apiGroups: + - 
certificates.k8s.io + resourceNames: + - kubernetes.io/kubelet-serving + resources: + - signers + verbs: + - approve +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudmachines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudmachines/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudmachines/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudmachinetemplates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudmachinetemplates/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudremediations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudremediations/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hcloudremediations/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalhosts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalhosts/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalhosts/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - 
hetznerbaremetalmachines + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalmachines/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalmachines/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalremediations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalremediations/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerbaremetalremediations/status + verbs: + - get + - patch + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerclusters/finalizers + verbs: + - update +- apiGroups: + - infrastructure.cluster.x-k8s.io + resources: + - hetznerclusters/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-leader-election-rolebinding + namespace: caph-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: caph-leader-election-role +subjects: +- kind: ServiceAccount + name: caph-controller-manager + namespace: caph-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding 
+metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: caph-manager-role +subjects: +- kind: ServiceAccount + name: caph-controller-manager + namespace: caph-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-webhook-service + namespace: caph-system +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + cluster.x-k8s.io/provider: infrastructure-hetzner + control-plane: caph-controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + control-plane: caph-controller-manager + name: caph-controller-manager + namespace: caph-system +spec: + replicas: 1 + selector: + matchLabels: + cluster.x-k8s.io/provider: infrastructure-hetzner + control-plane: caph-controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-logs-container: manager + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + control-plane: caph-controller-manager + spec: + containers: + - args: + - --leader-elect=true + command: + - /manager + image: ghcr.io/syself/caph:v1.0.0-beta.26 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: healthz + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: healthz + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + 
limits: + cpu: 150m + memory: 250Mi + requests: + cpu: 100m + memory: 100Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + serviceAccountName: caph-controller-manager + terminationGracePeriodSeconds: 10 + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: caph-webhook-server-cert +status: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-serving-cert + namespace: caph-system +spec: + dnsNames: + - caph-webhook-service.caph-system.svc + - caph-webhook-service.caph-system.svc.cluster.local + issuerRef: + kind: Issuer + name: caph-selfsigned-issuer + secretName: caph-webhook-server-cert + subject: + organizations: + - k8s-sig-cluster-lifecycle +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-selfsigned-issuer + namespace: caph-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudremediationtemplate + failurePolicy: Fail + name: mhcloudremediationtemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudremediationtemplates + sideEffects: None +- admissionReviewVersions: + 
- v1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalremediationtemplate + failurePolicy: Fail + name: mhetznerbaremetalremediationtemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalremediationtemplates + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudmachine + failurePolicy: Fail + name: mutation.hcloudmachine.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudremediation + failurePolicy: Fail + name: mutation.hcloudremediation.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudremediations + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalhost + failurePolicy: Fail + name: mutation.hetznerbaremetalhost.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalhosts + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: 
/mutate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalmachine + failurePolicy: Fail + name: mutation.hetznerbaremetalmachine.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalremediation + failurePolicy: Fail + name: mutation.hetznerbaremetalremediation.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalremediations + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /mutate-infrastructure-cluster-x-k8s-io-v1beta1-hetznercluster + failurePolicy: Fail + name: mutation.hetznercluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerclusters + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: caph-system/caph-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: infrastructure-hetzner + clusterctl.cluster.x-k8s.io: "" + name: caph-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudmachine + failurePolicy: Fail + name: validation.hcloudmachine.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - 
infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudmachinetemplate + failurePolicy: Fail + name: validation.hcloudmachinetemplate.infrastructure.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudmachinetemplates + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudremediation + failurePolicy: Fail + name: validation.hcloudremediation.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudremediations + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalhost + failurePolicy: Fail + name: validation.hetznerbaremetalhost.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalhosts + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalmachine + failurePolicy: Fail + name: validation.hetznerbaremetalmachine.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - 
CREATE + - UPDATE + resources: + - hetznerbaremetalmachines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalmachinetemplate + failurePolicy: Fail + name: validation.hetznerbaremetalmachinetemplate.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalmachinetemplates + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalremediation + failurePolicy: Fail + name: validation.hetznerbaremetalremediation.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalremediations + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznercluster + failurePolicy: Fail + name: validation.hetznercluster.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerclusters + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerclustertemplate + failurePolicy: Fail + name: validation.hetznerclustertemplate.infrastructure.cluster.x-k8s.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + 
resources: + - hetznerclustertemplates + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hcloudremediationtemplate + failurePolicy: Fail + name: vhcloudremediationtemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hcloudremediationtemplates + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: caph-webhook-service + namespace: caph-system + path: /validate-infrastructure-cluster-x-k8s-io-v1beta1-hetznerbaremetalremediationtemplate + failurePolicy: Fail + name: vhetznerbaremetalremediationtemplate.kb.io + rules: + - apiGroups: + - infrastructure.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - hetznerbaremetalremediationtemplates + sideEffects: None
diff --git a/manifests/prod/addons/capi-system/gen-yaml.sh b/manifests/prod/addons/capi-system/gen-yaml.sh
new file mode 100755
index 0000000..882f259
--- /dev/null
+++ b/manifests/prod/addons/capi-system/gen-yaml.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+clusterctl generate provider --core cluster-api:v1.6.0 > resources/provider.yaml
diff --git a/manifests/prod/addons/capi-system/kustomization.yaml b/manifests/prod/addons/capi-system/kustomization.yaml
new file mode 100644
index 0000000..adeff1e
--- /dev/null
+++ b/manifests/prod/addons/capi-system/kustomization.yaml
@@ -0,0 +1,17 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+ - resources/provider.yaml
+
+patches:
+ - target:
+ kind: Deployment
+ name: capi-controller-manager
+ patch: |-
+ spec:
+ template:
+ spec:
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ effect: NoSchedule
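Review bot: The last line of manifests/prod/addons/capi-system/gen-yaml.sh redirects straight into `resources/provider.yaml`, so the shell truncates the committed manifest before clusterctl has produced any output. If fetching or rendering the provider fails, errexit stops the script but leaves an empty or partial file behind, and anything that later applies this directory would run against an incomplete set of CRDs and webhooks. Generate into a temporary name and rename only on success: `clusterctl generate provider --core cluster-api:v1.6.0 > resources/provider.yaml.tmp` followed by `mv resources/provider.yaml.tmp resources/provider.yaml`. A header comment stating that provider.yaml is generated from this pinned version, and that each regeneration should be diffed and reviewed before commit, would make the provenance of the manifest explicit.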
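Review bot: The patch in manifests/prod/addons/capi-system/kustomization.yaml tolerates only `node-role.kubernetes.io/master`, and a strategic-merge patch replaces the whole `tolerations` list rather than appending to it. The caph Deployment generated in this same commit ships with a `node-role.kubernetes.io/control-plane` toleration; if capi-controller-manager does likewise (its Deployment is not visible in this part of the diff), the patch drops that entry and the controller may not schedule on control-plane nodes that carry the newer taint. Listing both keys covers either taint: add `- key: node-role.kubernetes.io/control-plane` with `effect: NoSchedule` beside the existing entry. A one-line comment above `patches:` explaining why the toleration is needed would also help.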
diff --git a/manifests/prod/addons/capi-system/resources/provider.yaml b/manifests/prod/addons/capi-system/resources/provider.yaml new file mode 100644 index 0000000..b7d726c --- /dev/null +++ b/manifests/prod/addons/capi-system/resources/provider.yaml 
@@ -0,0 +1,9937 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: capi-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: clusterclasses.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ClusterClass + listKind: ClusterClassList + plural: clusterclasses + shortNames: + - cc + singular: clusterclass + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ClusterClass + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterClass is a template which can be used to create managed + topologies. \n Deprecated: This type will be removed in one of the next + releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterClassSpec describes the desired state of the ClusterClass. + properties: + controlPlane: + description: ControlPlane is a reference to a local struct that holds + the details for provisioning the Control Plane for the Cluster. + properties: + machineInfrastructure: + description: "MachineTemplate defines the metadata and infrastructure + information for control plane machines. \n This field is supported + if and only if the control plane provider template referenced + above is Machine based and supports setting replicas." + properties: + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: "Metadata is the metadata applied to the machines + of the ControlPlane. At runtime this metadata is merged with + the corresponding metadata from the topology. \n This field + is supported if and only if the control plane provider template + referenced is Machine based." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure is a reference to a provider-specific + template that holds the details for provisioning infrastructure + specific cluster for the underlying provider. The underlying provider + is responsible for the implementation of the template to an infrastructure + cluster. + properties: + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + workers: + description: Workers describes the worker nodes for the cluster. It + is a collection of node types which can be used to create the worker + nodes of the cluster. 
+ properties: + machineDeployments: + description: MachineDeployments is a list of machine deployment + classes that can be used to create a set of worker nodes. + items: + description: MachineDeploymentClass serves as a template to + define a set of worker nodes of the cluster provisioned using + the `ClusterClass`. + properties: + class: + description: Class denotes a type of worker node present + in the cluster, this name MUST be unique within a ClusterClass + and can be referenced in the Cluster to create a managed + MachineDeployment. + type: string + template: + description: Template is a local struct containing a collection + of templates for creation of MachineDeployment objects + representing a set of worker nodes. + properties: + bootstrap: + description: Bootstrap contains the bootstrap template + reference to be used for the creation of worker Machines. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure + template reference to be used for the creation of + worker Machines. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' 
+ type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: Metadata is the metadata applied to the + machines of the MachineDeployment. At runtime this + metadata is merged with the corresponding metadata + from the topology. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. 
More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + required: + - bootstrap + - infrastructure + type: object + required: + - class + - template + type: object + type: array + type: object + type: object + type: object + served: false + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterClass + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterClass is a template which can be used to create managed + topologies. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterClassSpec describes the desired state of the ClusterClass. + properties: + controlPlane: + description: ControlPlane is a reference to a local struct that holds + the details for provisioning the Control Plane for the Cluster. + properties: + machineHealthCheck: + description: MachineHealthCheck defines a MachineHealthCheck for + this ControlPlaneClass. This field is supported if and only + if the ControlPlane provider template referenced above is Machine + based and supports setting replicas. 
+ properties: + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at + most "MaxUnhealthy" machines selected by "selector" are + not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node + will be considered to have failed and will be remediated. + If you wish to disable this feature, set the value explicitly + to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This + field is completely optional, when filled, the MachineHealthCheck + controller creates a new object from the template referenced + and hands off remediation of the machine to a controller + that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The + conditions are combined in a logical OR, i.e. if any of + the conditions is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition + type and value with a timeout specified as a duration. When + the named condition has been in the given status for at + least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the + number of machines selected by "selector" as not healthy + is within the range of "UnhealthyRange". Takes precedence + over MaxUnhealthy. Eg. 
"[3-5]" - This means that remediation + will be allowed only when: (a) there are at least 3 unhealthy + machines (and) (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + machineInfrastructure: + description: "MachineInfrastructure defines the metadata and infrastructure + information for control plane machines. \n This field is supported + if and only if the control plane provider template referenced + above is Machine based and supports setting replicas." + properties: + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: "Metadata is the metadata applied to the ControlPlane + and the Machines of the ControlPlane if the ControlPlaneTemplate + referenced is machine based. If not, it is applied only to the + ControlPlane. At runtime this metadata is merged with the corresponding + metadata from the topology. \n This field is supported if and + only if the control plane provider template referenced is Machine + based." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + namingStrategy: + description: NamingStrategy allows changing the naming pattern + used when creating the control plane provider object. + properties: + template: + description: 'Template defines the template to use for generating + the name of the ControlPlane object. 
If not defined, it + will fallback to `{{ .cluster.name }}-{{ .random }}`. If + the templated string exceeds 63 characters, it will be trimmed + to 58 characters and will get concatenated with a random + suffix of length 5. The templating mechanism provides the + following arguments: * `.cluster.name`: The name of the + cluster object. * `.random`: A random alphanumeric string, + without vowels, of length 5.' + type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will retry + deletion indefinitely. Defaults to 10 seconds. NOTE: This value + can be overridden while defining a Cluster.Topology.' + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that + the controller will spend on draining a node. The default value + is 0, meaning that the node can be drained without any time + limitations. NOTE: NodeDrainTimeout is different from `kubectl + drain --timeout` NOTE: This value can be overridden while defining + a Cluster.Topology.' + type: string + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount of time + that the controller will spend on waiting for all volumes to + be detached. The default value is 0, meaning that the volumes + can be detached without any time limitations. NOTE: This value + can be overridden while defining a Cluster.Topology.' + type: string + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure is a reference to a provider-specific + template that holds the details for provisioning infrastructure + specific cluster for the underlying provider. The underlying provider + is responsible for the implementation of the template to an infrastructure + cluster. + properties: + ref: + description: Ref is a required reference to a custom resource + offered by a provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + patches: + description: 'Patches defines the patches which are applied to customize + referenced templates of a ClusterClass. Note: Patches will be applied + in the order of the array.' + items: + description: ClusterClassPatch defines a patch which is applied + to customize the referenced templates. 
+ properties: + definitions: + description: 'Definitions define inline patches. Note: Patches + will be applied in the order of the array. Note: Exactly one + of Definitions or External must be set.' + items: + description: PatchDefinition defines a patch which is applied + to customize the referenced templates. + properties: + jsonPatches: + description: 'JSONPatches defines the patches which should + be applied on the templates matching the selector. Note: + Patches will be applied in the order of the array.' + items: + description: JSONPatch defines a JSON patch. + properties: + op: + description: 'Op defines the operation of the patch. + Note: Only `add`, `replace` and `remove` are supported.' + type: string + path: + description: 'Path defines the path of the patch. + Note: Only the spec of a template can be patched, + thus the path has to start with /spec/. Note: + For now the only allowed array modifications are + `append` and `prepend`, i.e.: * for op: `add`: + only index 0 (prepend) and - (append) are allowed + * for op: `replace` or `remove`: no indexes are + allowed' + type: string + value: + description: 'Value defines the value of the patch. + Note: Either Value or ValueFrom is required for + add and replace operations. Only one of them is + allowed to be set at the same time. Note: We have + to use apiextensionsv1.JSON instead of our JSON + type, because controller-tools has a hard-coded + schema for apiextensionsv1.JSON which cannot be + produced by another type (unset type field). Ref: + https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + valueFrom: + description: 'ValueFrom defines the value of the + patch. Note: Either Value or ValueFrom is required + for add and replace operations. Only one of them + is allowed to be set at the same time.' 
+ properties: + template: + description: 'Template is the Go template to + be used to calculate the value. A template + can reference variables defined in .spec.variables + and builtin variables. Note: The template + must evaluate to a valid YAML or JSON value.' + type: string + variable: + description: Variable is the variable to be + used as value. Variable can be one of the + variables defined in .spec.variables or a + builtin variable. + type: string + type: object + required: + - op + - path + type: object + type: array + selector: + description: Selector defines on which templates the patch + should be applied. + properties: + apiVersion: + description: APIVersion filters templates by apiVersion. + type: string + kind: + description: Kind filters templates by kind. + type: string + matchResources: + description: MatchResources selects templates based + on where they are referenced. + properties: + controlPlane: + description: 'ControlPlane selects templates referenced + in .spec.ControlPlane. Note: this will match + the controlPlane and also the controlPlane machineInfrastructure + (depending on the kind and apiVersion).' + type: boolean + infrastructureCluster: + description: InfrastructureCluster selects templates + referenced in .spec.infrastructure. + type: boolean + machineDeploymentClass: + description: MachineDeploymentClass selects templates + referenced in specific MachineDeploymentClasses + in .spec.workers.machineDeployments. + properties: + names: + description: Names selects templates by class + names. + items: + type: string + type: array + type: object + machinePoolClass: + description: MachinePoolClass selects templates + referenced in specific MachinePoolClasses in + .spec.workers.machinePools. + properties: + names: + description: Names selects templates by class + names. 
+ items: + type: string + type: array + type: object + type: object + required: + - apiVersion + - kind + - matchResources + type: object + required: + - jsonPatches + - selector + type: object + type: array + description: + description: Description is a human-readable description of + this patch. + type: string + enabledIf: + description: EnabledIf is a Go template to be used to calculate + if a patch should be enabled. It can reference variables defined + in .spec.variables and builtin variables. The patch will be + enabled if the template evaluates to `true`, otherwise it + will be disabled. If EnabledIf is not set, the patch will + be enabled per default. + type: string + external: + description: 'External defines an external patch. Note: Exactly + one of Definitions or External must be set.' + properties: + discoverVariablesExtension: + description: DiscoverVariablesExtension references an extension + which is called to discover variables. + type: string + generateExtension: + description: GenerateExtension references an extension which + is called to generate patches. + type: string + settings: + additionalProperties: + type: string + description: Settings defines key value pairs to be passed + to the extensions. Values defined here take precedence + over the values defined in the corresponding ExtensionConfig. + type: object + validateExtension: + description: ValidateExtension references an extension which + is called to validate the topology. + type: string + type: object + name: + description: Name of the patch. + type: string + required: + - name + type: object + type: array + variables: + description: Variables defines the variables which can be configured + in the Cluster topology and are then used in patches. + items: + description: ClusterClassVariable defines a variable which can be + configured in the Cluster topology and used in patches. + properties: + name: + description: Name of the variable. 
+ type: string + required: + description: 'Required specifies if the variable is required. + Note: this applies to the variable as a whole and thus the + top-level object defined in the schema. If nested fields are + required, this will be specified inside the schema.' + type: boolean + schema: + description: Schema defines the schema of the variable. + properties: + openAPIV3Schema: + description: OpenAPIV3Schema defines the schema of a variable + via OpenAPI v3 schema. The schema is a subset of the schema + used in Kubernetes CRDs. + properties: + additionalProperties: + description: 'AdditionalProperties specifies the schema + of values in a map (keys are always strings). NOTE: + Can only be set if type is object. NOTE: AdditionalProperties + is mutually exclusive with Properties. NOTE: This + field uses PreserveUnknownFields and Schemaless, because + recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + default: + description: 'Default is the default value of the variable. + NOTE: Can be set for all types.' + x-kubernetes-preserve-unknown-fields: true + description: + description: Description is a human-readable description + of this variable. + type: string + enum: + description: 'Enum is the list of valid values of the + variable. NOTE: Can be set for all types.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: Example is an example for this variable. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + description: 'ExclusiveMaximum specifies if the Maximum + is exclusive. NOTE: Can only be set if type is integer + or number.' + type: boolean + exclusiveMinimum: + description: 'ExclusiveMinimum specifies if the Minimum + is exclusive. NOTE: Can only be set if type is integer + or number.' + type: boolean + format: + description: 'Format is an OpenAPI v3 format string. + Unknown formats are ignored. 
For a list of supported + formats please see: (of the k8s.io/apiextensions-apiserver + version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go + NOTE: Can only be set if type is string.' + type: string + items: + description: 'Items specifies fields of an array. NOTE: + Can only be set if type is array. NOTE: This field + uses PreserveUnknownFields and Schemaless, because + recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + maxItems: + description: 'MaxItems is the max length of an array + variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + maxLength: + description: 'MaxLength is the max length of a string + variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + maximum: + description: 'Maximum is the maximum of an integer or + number variable. If ExclusiveMaximum is false, the + variable is valid if it is lower than, or equal to, + the value of Maximum. If ExclusiveMaximum is true, + the variable is valid if it is strictly lower than + the value of Maximum. NOTE: Can only be set if type + is integer or number.' + format: int64 + type: integer + minItems: + description: 'MinItems is the min length of an array + variable. NOTE: Can only be set if type is array.' + format: int64 + type: integer + minLength: + description: 'MinLength is the min length of a string + variable. NOTE: Can only be set if type is string.' + format: int64 + type: integer + minimum: + description: 'Minimum is the minimum of an integer or + number variable. If ExclusiveMinimum is false, the + variable is valid if it is greater than, or equal + to, the value of Minimum. If ExclusiveMinimum is true, + the variable is valid if it is strictly greater than + the value of Minimum. NOTE: Can only be set if type + is integer or number.' 
+ format: int64 + type: integer + pattern: + description: 'Pattern is the regex which a string variable + must match. NOTE: Can only be set if type is string.' + type: string + properties: + description: 'Properties specifies fields of an object. + NOTE: Can only be set if type is object. NOTE: Properties + is mutually exclusive with AdditionalProperties. NOTE: + This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible.' + x-kubernetes-preserve-unknown-fields: true + required: + description: 'Required specifies which fields of an + object are required. NOTE: Can only be set if type + is object.' + items: + type: string + type: array + type: + description: 'Type is the type of the variable. Valid + values are: object, array, string, integer, number + or boolean.' + type: string + uniqueItems: + description: 'UniqueItems specifies if items in an array + must be unique. NOTE: Can only be set if type is array.' + type: boolean + x-kubernetes-preserve-unknown-fields: + description: XPreserveUnknownFields allows setting fields + in a variable object which are not defined in the + variable schema. This affects fields recursively, + except if nested properties or additionalProperties + are specified in the schema. + type: boolean + required: + - type + type: object + required: + - openAPIV3Schema + type: object + required: + - name + - required + - schema + type: object + type: array + workers: + description: Workers describes the worker nodes for the cluster. It + is a collection of node types which can be used to create the worker + nodes of the cluster. + properties: + machineDeployments: + description: MachineDeployments is a list of machine deployment + classes that can be used to create a set of worker nodes. + items: + description: MachineDeploymentClass serves as a template to + define a set of worker nodes of the cluster provisioned using + the `ClusterClass`. 
+ properties: + class: + description: Class denotes a type of worker node present + in the cluster, this name MUST be unique within a ClusterClass + and can be referenced in the Cluster to create a managed + MachineDeployment. + type: string + failureDomain: + description: 'FailureDomain is the failure domain the machines + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. NOTE: This value can + be overridden while defining a Cluster.Topology using + this MachineDeploymentClass.' + type: string + machineHealthCheck: + description: MachineHealthCheck defines a MachineHealthCheck + for this MachineDeploymentClass. + properties: + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed + if at most "MaxUnhealthy" machines selected by "selector" + are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without + a node will be considered to have failed and will + be remediated. If you wish to disable this feature, + set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to + a remediation template provided by an infrastructure + provider. \n This field is completely optional, when + filled, the MachineHealthCheck controller creates + a new object from the template referenced and hands + off remediation of the machine to a controller that + lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. 
For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of + the conditions that determine whether a node is considered + unhealthy. The conditions are combined in a logical + OR, i.e. if any of the conditions is met, the node + is unhealthy. + items: + description: UnhealthyCondition represents a Node + condition type and value with a timeout specified + as a duration. When the named condition has been + in the given status for at least the timeout value, + a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed + if the number of machines selected by "selector" as + not healthy is within the range of "UnhealthyRange". + Takes precedence over MaxUnhealthy. Eg. "[3-5]" - + This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) + (b) there are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + minReadySeconds: + description: 'Minimum number of seconds for which a newly + created machine should be ready. Defaults to 0 (machine + will be considered available as soon as it is ready) NOTE: + This value can be overridden while defining a Cluster.Topology + using this MachineDeploymentClass.' + format: int32 + type: integer + namingStrategy: + description: NamingStrategy allows changing the naming pattern + used when creating the MachineDeployment. + properties: + template: + description: 'Template defines the template to use for + generating the name of the MachineDeployment object. + If not defined, it will fallback to `{{ .cluster.name + }}-{{ .machineDeployment.topologyName }}-{{ .random + }}`. If the templated string exceeds 63 characters, + it will be trimmed to 58 characters and will get concatenated + with a random suffix of length 5. The templating mechanism + provides the following arguments: * `.cluster.name`: + The name of the cluster object. * `.random`: A random + alphanumeric string, without vowels, of length 5. + * `.machineDeployment.topologyName`: The name of the + MachineDeployment topology (Cluster.spec.topology.workers.machineDeployments[].name).' 
+ type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts + after the Machine is marked for deletion. A duration of + 0 will retry deletion indefinitely. Defaults to 10 seconds. + NOTE: This value can be overridden while defining a Cluster.Topology + using this MachineDeploymentClass.' + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The + default value is 0, meaning that the node can be drained + without any time limitations. NOTE: NodeDrainTimeout is + different from `kubectl drain --timeout` NOTE: This value + can be overridden while defining a Cluster.Topology using + this MachineDeploymentClass.' + type: string + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting for + all volumes to be detached. The default value is 0, meaning + that the volumes can be detached without any time limitations. + NOTE: This value can be overridden while defining a Cluster.Topology + using this MachineDeploymentClass.' + type: string + strategy: + description: 'The deployment strategy to use to replace + existing machines with new ones. NOTE: This value can + be overridden while defining a Cluster.Topology using + this MachineDeploymentClass.' + properties: + rollingUpdate: + description: Rolling update config params. Present only + if MachineDeploymentStrategyType = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used + by the MachineDeployment to identify nodes to + delete when downscaling. 
Valid values are "Random, + "Newest", "Oldest" When no value is supplied, + the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that + can be scheduled above the desired number of machines. + Value can be an absolute number (ex: 5) or a percentage + of desired machines (ex: 10%). This can not be + 0 if MaxUnavailable is 0. Absolute number is calculated + from percentage by rounding up. Defaults to 1. + Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling + update starts, such that the total number of old + and new machines do not exceed 130% of desired + machines. Once old machines have been killed, + new MachineSet can be scaled up further, ensuring + that total number of machines running at any time + during the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that + can be unavailable during the update. Value can + be an absolute number (ex: 5) or a percentage + of desired machines (ex: 10%). Absolute number + is calculated from percentage by rounding down. + This can not be 0 if MaxSurge is 0. Defaults to + 0. Example: when this is set to 30%, the old MachineSet + can be scaled down to 70% of desired machines + immediately when the rolling update starts. Once + new machines are ready, old MachineSet can be + scaled down further, followed by scaling up the + new MachineSet, ensuring that the total number + of machines available at all times during the + update is at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values are + RollingUpdate and OnDelete. The default is RollingUpdate. 
+ enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template is a local struct containing a collection + of templates for creation of MachineDeployment objects + representing a set of worker nodes. + properties: + bootstrap: + description: Bootstrap contains the bootstrap template + reference to be used for the creation of worker Machines. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. 
More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure + template reference to be used for the creation of + worker Machines. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: Metadata is the metadata applied to the + MachineDeployment and the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding + metadata from the topology. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + required: + - bootstrap + - infrastructure + type: object + required: + - class + - template + type: object + type: array + machinePools: + description: MachinePools is a list of machine pool classes that + can be used to create a set of worker nodes. + items: + description: MachinePoolClass serves as a template to define + a pool of worker nodes of the cluster provisioned using `ClusterClass`. 
+ properties: + class: + description: Class denotes a type of machine pool present + in the cluster, this name MUST be unique within a ClusterClass + and can be referenced in the Cluster to create a managed + MachinePool. + type: string + failureDomains: + description: 'FailureDomains is the list of failure domains + the MachinePool should be attached to. Must match a key + in the FailureDomains map stored on the cluster object. + NOTE: This value can be overridden while defining a Cluster.Topology + using this MachinePoolClass.' + items: + type: string + type: array + minReadySeconds: + description: 'Minimum number of seconds for which a newly + created machine pool should be ready. Defaults to 0 (machine + will be considered available as soon as it is ready) NOTE: + This value can be overridden while defining a Cluster.Topology + using this MachinePoolClass.' + format: int32 + type: integer + namingStrategy: + description: NamingStrategy allows changing the naming pattern + used when creating the MachinePool. + properties: + template: + description: 'Template defines the template to use for + generating the name of the MachinePool object. If + not defined, it will fallback to `{{ .cluster.name + }}-{{ .machinePool.topologyName }}-{{ .random }}`. + If the templated string exceeds 63 characters, it + will be trimmed to 58 characters and will get concatenated + with a random suffix of length 5. The templating mechanism + provides the following arguments: * `.cluster.name`: + The name of the cluster object. * `.random`: A random + alphanumeric string, without vowels, of length 5. + * `.machinePool.topologyName`: The name of the MachinePool + topology (Cluster.spec.topology.workers.machinePools[].name).' + type: string + type: object + nodeDeletionTimeout: + description: 'NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts + after the Machine Pool is marked for deletion. 
A duration + of 0 will retry deletion indefinitely. Defaults to 10 + seconds. NOTE: This value can be overridden while defining + a Cluster.Topology using this MachinePoolClass.' + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The + default value is 0, meaning that the node can be drained + without any time limitations. NOTE: NodeDrainTimeout is + different from `kubectl drain --timeout` NOTE: This value + can be overridden while defining a Cluster.Topology using + this MachinePoolClass.' + type: string + nodeVolumeDetachTimeout: + description: 'NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting for + all volumes to be detached. The default value is 0, meaning + that the volumes can be detached without any time limitations. + NOTE: This value can be overridden while defining a Cluster.Topology + using this MachinePoolClass.' + type: string + template: + description: Template is a local struct containing a collection + of templates for creation of MachinePools objects representing + a pool of worker nodes. + properties: + bootstrap: + description: Bootstrap contains the bootstrap template + reference to be used for the creation of the Machines + in the MachinePool. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + infrastructure: + description: Infrastructure contains the infrastructure + template reference to be used for the creation of + the MachinePool. + properties: + ref: + description: Ref is a required reference to a custom + resource offered by a provider. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - ref + type: object + metadata: + description: Metadata is the metadata applied to the + MachinePool. At runtime this metadata is merged with + the corresponding metadata from the topology. 
+ properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + required: + - bootstrap + - infrastructure + type: object + required: + - class + - template + type: object + type: array + type: object + type: object + status: + description: ClusterClassStatus defines the observed state of the ClusterClass. + properties: + conditions: + description: Conditions defines current observed state of the ClusterClass. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. 
The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + variables: + description: Variables is a list of ClusterClassStatusVariable that + are defined for the ClusterClass. + items: + description: ClusterClassStatusVariable defines a variable which + appears in the status of a ClusterClass. + properties: + definitions: + description: Definitions is a list of definitions for a variable. + items: + description: ClusterClassStatusVariableDefinition defines + a variable which appears in the status of a ClusterClass. + properties: + from: + description: From specifies the origin of the variable + definition. This will be `inline` for variables defined + in the ClusterClass or the name of a patch defined in + the ClusterClass for variables discovered from a DiscoverVariables + runtime extensions. + type: string + required: + description: 'Required specifies if the variable is required. + Note: this applies to the variable as a whole and thus + the top-level object defined in the schema. If nested + fields are required, this will be specified inside the + schema.' + type: boolean + schema: + description: Schema defines the schema of the variable. + properties: + openAPIV3Schema: + description: OpenAPIV3Schema defines the schema of + a variable via OpenAPI v3 schema. The schema is + a subset of the schema used in Kubernetes CRDs. 
+ properties: + additionalProperties: + description: 'AdditionalProperties specifies the + schema of values in a map (keys are always strings). + NOTE: Can only be set if type is object. NOTE: + AdditionalProperties is mutually exclusive with + Properties. NOTE: This field uses PreserveUnknownFields + and Schemaless, because recursive validation + is not possible.' + x-kubernetes-preserve-unknown-fields: true + default: + description: 'Default is the default value of + the variable. NOTE: Can be set for all types.' + x-kubernetes-preserve-unknown-fields: true + description: + description: Description is a human-readable description + of this variable. + type: string + enum: + description: 'Enum is the list of valid values + of the variable. NOTE: Can be set for all types.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + example: + description: Example is an example for this variable. + x-kubernetes-preserve-unknown-fields: true + exclusiveMaximum: + description: 'ExclusiveMaximum specifies if the + Maximum is exclusive. NOTE: Can only be set + if type is integer or number.' + type: boolean + exclusiveMinimum: + description: 'ExclusiveMinimum specifies if the + Minimum is exclusive. NOTE: Can only be set + if type is integer or number.' + type: boolean + format: + description: 'Format is an OpenAPI v3 format string. + Unknown formats are ignored. For a list of supported + formats please see: (of the k8s.io/apiextensions-apiserver + version we''re currently using) https://github.com/kubernetes/apiextensions-apiserver/blob/master/pkg/apiserver/validation/formats.go + NOTE: Can only be set if type is string.' + type: string + items: + description: 'Items specifies fields of an array. + NOTE: Can only be set if type is array. NOTE: + This field uses PreserveUnknownFields and Schemaless, + because recursive validation is not possible.' 
+ x-kubernetes-preserve-unknown-fields: true + maxItems: + description: 'MaxItems is the max length of an + array variable. NOTE: Can only be set if type + is array.' + format: int64 + type: integer + maxLength: + description: 'MaxLength is the max length of a + string variable. NOTE: Can only be set if type + is string.' + format: int64 + type: integer + maximum: + description: 'Maximum is the maximum of an integer + or number variable. If ExclusiveMaximum is false, + the variable is valid if it is lower than, or + equal to, the value of Maximum. If ExclusiveMaximum + is true, the variable is valid if it is strictly + lower than the value of Maximum. NOTE: Can only + be set if type is integer or number.' + format: int64 + type: integer + minItems: + description: 'MinItems is the min length of an + array variable. NOTE: Can only be set if type + is array.' + format: int64 + type: integer + minLength: + description: 'MinLength is the min length of a + string variable. NOTE: Can only be set if type + is string.' + format: int64 + type: integer + minimum: + description: 'Minimum is the minimum of an integer + or number variable. If ExclusiveMinimum is false, + the variable is valid if it is greater than, + or equal to, the value of Minimum. If ExclusiveMinimum + is true, the variable is valid if it is strictly + greater than the value of Minimum. NOTE: Can + only be set if type is integer or number.' + format: int64 + type: integer + pattern: + description: 'Pattern is the regex which a string + variable must match. NOTE: Can only be set if + type is string.' + type: string + properties: + description: 'Properties specifies fields of an + object. NOTE: Can only be set if type is object. + NOTE: Properties is mutually exclusive with + AdditionalProperties. NOTE: This field uses + PreserveUnknownFields and Schemaless, because + recursive validation is not possible.' 
+ x-kubernetes-preserve-unknown-fields: true + required: + description: 'Required specifies which fields + of an object are required. NOTE: Can only be + set if type is object.' + items: + type: string + type: array + type: + description: 'Type is the type of the variable. + Valid values are: object, array, string, integer, + number or boolean.' + type: string + uniqueItems: + description: 'UniqueItems specifies if items in + an array must be unique. NOTE: Can only be set + if type is array.' + type: boolean + x-kubernetes-preserve-unknown-fields: + description: XPreserveUnknownFields allows setting + fields in a variable object which are not defined + in the variable schema. This affects fields + recursively, except if nested properties or + additionalProperties are specified in the schema. + type: boolean + required: + - type + type: object + required: + - openAPIV3Schema + type: object + required: + - from + - required + - schema + type: object + type: array + definitionsConflict: + description: DefinitionsConflict specifies whether or not there + are conflicting definitions for a single variable name. + type: boolean + name: + description: Name is the name of the variable. 
+ type: string + required: + - definitions + - name + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: clusterresourcesetbindings.addons.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: addons.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ClusterResourceSetBinding + listKind: ClusterResourceSetBindingList + plural: clusterresourcesetbindings + singular: clusterresourcesetbinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSetBinding + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterResourceSetBinding lists all matching ClusterResourceSets + with the cluster it belongs to. \n Deprecated: This type will be removed + in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of + ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources + in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet + that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet + has. + items: + description: ResourceBinding shows the status of a resource + that belongs to a ClusterResourceSet matched by the owner + cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied + to the cluster or not. + type: boolean + hash: + description: Hash is the hash of a resource's data. This + can be used to decide if a resource is changed. For + "ApplyOnce" ClusterResourceSet.spec.strategy, this is + no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: + Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource + was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same + namespace with ClusterResourceSet object. 
+ minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName + type: object + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSetBinding + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterResourceSetBinding lists all matching ClusterResourceSets + with the cluster it belongs to. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetBindingSpec defines the desired state of + ClusterResourceSetBinding. + properties: + bindings: + description: Bindings is a list of ClusterResourceSets and their resources. + items: + description: ResourceSetBinding keeps info on all of the resources + in a ClusterResourceSet. + properties: + clusterResourceSetName: + description: ClusterResourceSetName is the name of the ClusterResourceSet + that is applied to the owner cluster of the binding. + type: string + resources: + description: Resources is a list of resources that the ClusterResourceSet + has. 
+ items: + description: ResourceBinding shows the status of a resource + that belongs to a ClusterResourceSet matched by the owner + cluster of the ClusterResourceSetBinding object. + properties: + applied: + description: Applied is to track if a resource is applied + to the cluster or not. + type: boolean + hash: + description: Hash is the hash of a resource's data. This + can be used to decide if a resource is changed. For + "ApplyOnce" ClusterResourceSet.spec.strategy, this is + no-op as that strategy does not act on change. + type: string + kind: + description: 'Kind of the resource. Supported kinds are: + Secrets and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + lastAppliedTime: + description: LastAppliedTime identifies when this resource + was last applied to the cluster. + format: date-time + type: string + name: + description: Name of the resource that is in the same + namespace with ClusterResourceSet object. + minLength: 1 + type: string + required: + - applied + - kind + - name + type: object + type: array + required: + - clusterResourceSetName + type: object + type: array + clusterName: + description: 'ClusterName is the name of the Cluster this binding + applies to. Note: this field mandatory in v1beta2.' 
+ type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: clusterresourcesets.addons.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: addons.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ClusterResourceSet + listKind: ClusterResourceSetList + plural: clusterresourcesets + singular: clusterresourceset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "ClusterResourceSet is the Schema for the clusterresourcesets + API. \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected + by this will be the ones affected by this ClusterResourceSet. It + must match the Cluster labels. This field is immutable. Label selector + cannot be empty. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each + contains 1 or more resources to be applied to remote clusters. 
+ items: + description: ResourceRef specifies a resource. + properties: + kind: + description: 'Kind of the resource. Supported kinds are: Secrets + and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace + with ClusterResourceSet object. + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. + Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed ClusterResourceSet. + format: int64 + type: integer + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Time duration since creation of ClusterResourceSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterResourceSet is the Schema for the clusterresourcesets + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterResourceSetSpec defines the desired state of ClusterResourceSet. + properties: + clusterSelector: + description: Label selector for Clusters. The Clusters that are selected + by this will be the ones affected by this ClusterResourceSet. It + must match the Cluster labels. This field is immutable. 
Label selector + cannot be empty. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + resources: + description: Resources is a list of Secrets/ConfigMaps where each + contains 1 or more resources to be applied to remote clusters. + items: + description: ResourceRef specifies a resource. + properties: + kind: + description: 'Kind of the resource. Supported kinds are: Secrets + and ConfigMaps.' + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the resource that is in the same namespace + with ClusterResourceSet object. + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + strategy: + description: Strategy is the strategy to be used during applying resources. 
+ Defaults to ApplyOnce. This field is immutable. + enum: + - ApplyOnce + - Reconcile + type: string + required: + - clusterSelector + type: object + status: + description: ClusterResourceSetStatus defines the observed state of ClusterResourceSet. + properties: + conditions: + description: Conditions defines current state of the ClusterResourceSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed ClusterResourceSet. 
+ format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: clusters.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: Cluster + listKind: ClusterList + plural: clusters + shortNames: + - cl + singular: cluster + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of Cluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "Cluster is the Schema for the clusters API. \n Deprecated: This + type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. 
Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. + properties: + apiServerPort: + description: APIServerPort specifies the port the API Server should + bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. + type: string + services: + description: The network ranges from which service VIPs are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific + resource that holds the details for provisioning the Control Plane + for a Cluster. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific + resource that holds the details for provisioning infrastructure + for a cluster in said provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing + the Cluster and all its associated objects. + type: boolean + topology: + description: 'This encapsulates the topology for the cluster. NOTE: + It is required to enable the ClusterTopology feature gate flag to + activate managed topologies support; this feature is highly experimental, + and parts of it might still be not implemented.' + properties: + class: + description: The name of the ClusterClass object to create the + topology. 
+ type: string + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: + metadata: + description: "Metadata is the metadata applied to the machines + of the ControlPlane. At runtime this metadata is merged + with the corresponding metadata from the ClusterClass. \n + This field is supported if and only if the control plane + provider template referenced in the ClusterClass is Machine + based." + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + replicas: + description: Replicas is the number of control plane nodes. + If the value is nil, the ControlPlane object is created + without the number of Replicas and it's assumed that the + control plane controller does not implement support for + this field. When specified against a control plane provider + that lacks support for this field, this value will be ignored. + format: int32 + type: integer + type: object + rolloutAfter: + description: RolloutAfter performs a rollout of the entire cluster + one component at a time, control plane first and then machine + deployments. + format: date-time + type: string + version: + description: The Kubernetes version of the cluster. + type: string + workers: + description: Workers encapsulates the different constructs that + form the worker nodes for the cluster. 
+ properties: + machineDeployments: + description: MachineDeployments is a list of machine deployments + in the cluster. + items: + description: MachineDeploymentTopology specifies the different + parameters for a set of worker nodes in the topology. + This set of nodes is managed by a MachineDeployment object + whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachineDeploymentClass + used to create the set of worker nodes. This should + match one of the deployment classes defined in the + ClusterClass object mentioned in the `Cluster.Spec.Class` + field. + type: string + metadata: + description: Metadata is the metadata applied to the + machines of the MachineDeployment. At runtime this + metadata is merged with the corresponding metadata + from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + name: + description: Name is the unique identifier for this + MachineDeploymentTopology. The value is used with + other unique identifiers to create a MachineDeployment's + Name (e.g. cluster's name, etc). In case the name + is greater than the allowed maximum length, the values + are hashed together. + type: string + replicas: + description: Replicas is the number of worker nodes + belonging to this set. 
If the value is nil, the MachineDeployment + is created without the number of Replicas (defaulting + to zero) and it's assumed that an external entity + (like cluster autoscaler) is responsible for the management + of this value. + format: int32 + type: integer + required: + - class + - name + type: object + type: array + type: object + required: + - class + - version + type: object + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - status + - type + type: object + type: array + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced + from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem + reconciling the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a fatal problem + reconciling the state, and will be set to a token value suitable + for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. 
+ type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: ClusterClass of this Cluster, empty if the Cluster is not using + a ClusterClass + jsonPath: .spec.topology.class + name: ClusterClass + type: string + - description: Cluster status such as Pending/Provisioning/Provisioned/Deleting/Failed + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of Cluster + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this Cluster + jsonPath: .spec.topology.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Cluster is the Schema for the clusters API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterSpec defines the desired state of Cluster. + properties: + clusterNetwork: + description: Cluster network configuration. + properties: + apiServerPort: + description: APIServerPort specifies the port the API Server should + bind to. Defaults to 6443. + format: int32 + type: integer + pods: + description: The network ranges from which Pod networks are allocated. 
+ properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + serviceDomain: + description: Domain name for services. + type: string + services: + description: The network ranges from which service VIPs are allocated. + properties: + cidrBlocks: + items: + type: string + type: array + required: + - cidrBlocks + type: object + type: object + controlPlaneEndpoint: + description: ControlPlaneEndpoint represents the endpoint used to + communicate with the control plane. + properties: + host: + description: The hostname on which the API server is serving. + type: string + port: + description: The port on which the API server is serving. + format: int32 + type: integer + required: + - host + - port + type: object + controlPlaneRef: + description: ControlPlaneRef is an optional reference to a provider-specific + resource that holds the details for provisioning the Control Plane + for a Cluster. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + infrastructureRef: + description: InfrastructureRef is a reference to a provider-specific + resource that holds the details for provisioning infrastructure + for a cluster in said provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + paused: + description: Paused can be used to prevent controllers from processing + the Cluster and all its associated objects. + type: boolean + topology: + description: 'This encapsulates the topology for the cluster. NOTE: + It is required to enable the ClusterTopology feature gate flag to + activate managed topologies support; this feature is highly experimental, + and parts of it might still be not implemented.' + properties: + class: + description: The name of the ClusterClass object to create the + topology. + type: string + controlPlane: + description: ControlPlane describes the cluster control plane. + properties: + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable + and override the MachineHealthCheck configuration in the + ClusterClass for this control plane. + properties: + enable: + description: "Enable controls if a MachineHealthCheck + should be created for the target machines. \n If false: + No MachineHealthCheck will be created. \n If not set(default): + A MachineHealthCheck will be created if it is defined + here or in the associated ClusterClass. If no MachineHealthCheck + is defined then none will be created. \n If true: A + MachineHealthCheck is guaranteed to be created. 
Cluster + validation will block if `enable` is true and no MachineHealthCheck + definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if + at most "MaxUnhealthy" machines selected by "selector" + are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without + a node will be considered to have failed and will be + remediated. If you wish to disable this feature, set + the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a + remediation template provided by an infrastructure provider. + \n This field is completely optional, when filled, the + MachineHealthCheck controller creates a new object from + the template referenced and hands off remediation of + the machine to a controller that lives outside of Cluster + API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the + conditions that determine whether a node is considered + unhealthy. The conditions are combined in a logical + OR, i.e. if any of the conditions is met, the node is + unhealthy. + items: + description: UnhealthyCondition represents a Node condition + type and value with a timeout specified as a duration. When + the named condition has been in the given status for + at least the timeout value, a node is considered unhealthy. + properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed + if the number of machines selected by "selector" as + not healthy is within the range of "UnhealthyRange". + Takes precedence over MaxUnhealthy. Eg. 
"[3-5]" - This + means that remediation will be allowed only when: (a) + there are at least 3 unhealthy machines (and) (b) there + are at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the ControlPlane + and the Machines of the ControlPlane if the ControlPlaneTemplate + referenced by the ClusterClass is machine based. If not, + it is applied only to the ControlPlane. At runtime this + metadata is merged with the corresponding metadata from + the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be + used to organize and categorize (scope and select) objects. + May match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. 
NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + replicas: + description: Replicas is the number of control plane nodes. + If the value is nil, the ControlPlane object is created + without the number of Replicas and it's assumed that the + control plane controller does not implement support for + this field. When specified against a control plane provider + that lacks support for this field, this value will be ignored. + format: int32 + type: integer + type: object + rolloutAfter: + description: "RolloutAfter performs a rollout of the entire cluster + one component at a time, control plane first and then machine + deployments. \n Deprecated: This field has no function and is + going to be removed in the next apiVersion." + format: date-time + type: string + variables: + description: Variables can be used to customize the Cluster through + patches. They must comply to the corresponding VariableClasses + defined in the ClusterClass. + items: + description: ClusterVariable can be used to customize the Cluster + through patches. Each ClusterVariable is associated with a + Variable definition in the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where the definition + of this Variable is from. DefinitionFrom is `inline` when + the definition is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass `.spec.patches` + where the patch is external and provides external variables. + This field is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. 
+ type: string + value: + description: 'Value of the variable. Note: the value will + be validated against the schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to use apiextensionsv1.JSON + instead of a custom JSON type, because controller-tools + has a hard-coded schema for apiextensionsv1.JSON which + cannot be produced by another type via controller-tools, + i.e. it is not possible to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + version: + description: The Kubernetes version of the cluster. + type: string + workers: + description: Workers encapsulates the different constructs that + form the worker nodes for the cluster. + properties: + machineDeployments: + description: MachineDeployments is a list of machine deployments + in the cluster. + items: + description: MachineDeploymentTopology specifies the different + parameters for a set of worker nodes in the topology. + This set of nodes is managed by a MachineDeployment object + whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachineDeploymentClass + used to create the set of worker nodes. This should + match one of the deployment classes defined in the + ClusterClass object mentioned in the `Cluster.Spec.Class` + field. + type: string + failureDomain: + description: FailureDomain is the failure domain the + machines will be created in. Must match a key in the + FailureDomains map stored on the cluster object. + type: string + machineHealthCheck: + description: MachineHealthCheck allows to enable, disable + and override the MachineHealthCheck configuration + in the ClusterClass for this MachineDeployment. 
+ properties: + enable: + description: "Enable controls if a MachineHealthCheck + should be created for the target machines. \n + If false: No MachineHealthCheck will be created. + \n If not set(default): A MachineHealthCheck will + be created if it is defined here or in the associated + ClusterClass. If no MachineHealthCheck is defined + then none will be created. \n If true: A MachineHealthCheck + is guaranteed to be created. Cluster validation + will block if `enable` is true and no MachineHealthCheck + definition is available." + type: boolean + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed + if at most "MaxUnhealthy" machines selected by + "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without + a node will be considered to have failed and will + be remediated. If you wish to disable this feature, + set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference + to a remediation template provided by an infrastructure + provider. \n This field is completely optional, + when filled, the MachineHealthCheck controller + creates a new object from the template referenced + and hands off remediation of the machine to a + controller that lives outside of Cluster API." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an + object instead of an entire object, this string + should contain a valid JSON/Go field access + statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to + a container within a pod, this would take + on a value like: "spec.containers{name}" (where + "name" refers to the name of the container + that triggered the event) or if no container + name is specified "spec.containers[2]" (container + with index 2 in this pod). This syntax is + chosen only to have some well-defined way + of referencing a part of an object. TODO: + this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list + of the conditions that determine whether a node + is considered unhealthy. The conditions are combined + in a logical OR, i.e. if any of the conditions + is met, the node is unhealthy. + items: + description: UnhealthyCondition represents a Node + condition type and value with a timeout specified + as a duration. When the named condition has + been in the given status for at least the timeout + value, a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + type: array + unhealthyRange: + description: 'Any further remediation is only allowed + if the number of machines selected by "selector" + as not healthy is within the range of "UnhealthyRange". + Takes precedence over MaxUnhealthy. Eg. "[3-5]" + - This means that remediation will be allowed + only when: (a) there are at least 3 unhealthy + machines (and) (b) there are at most 5 unhealthy + machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + type: object + metadata: + description: Metadata is the metadata applied to the + MachineDeployment and the machines of the MachineDeployment. + At runtime this metadata is merged with the corresponding + metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly + created machine should be ready. Defaults to 0 (machine + will be considered available as soon as it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this + MachineDeploymentTopology. The value is used with + other unique identifiers to create a MachineDeployment's + Name (e.g. 
cluster's name, etc). In case the name + is greater than the allowed maximum length, the values + are hashed together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the + controller will attempt to delete the Node that the + Machine hosts after the Machine is marked for deletion. + A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of + time that the controller will spend on draining a + node. The default value is 0, meaning that the node + can be drained without any time limitations. NOTE: + NodeDrainTimeout is different from `kubectl drain + --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting + for all volumes to be detached. The default value + is 0, meaning that the volumes can be detached without + any time limitations. + type: string + replicas: + description: Replicas is the number of worker nodes + belonging to this set. If the value is nil, the MachineDeployment + is created without the number of Replicas (defaulting + to 1) and it's assumed that an external entity (like + cluster autoscaler) is responsible for the management + of this value. + format: int32 + type: integer + strategy: + description: The deployment strategy to use to replace + existing machines with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present + only if MachineDeploymentStrategyType = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy + used by the MachineDeployment to identify + nodes to delete when downscaling. 
Valid values + are "Random, "Newest", "Oldest" When no value + is supplied, the default DeletePolicy of MachineSet + is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines + that can be scheduled above the desired number + of machines. Value can be an absolute number + (ex: 5) or a percentage of desired machines + (ex: 10%). This can not be 0 if MaxUnavailable + is 0. Absolute number is calculated from percentage + by rounding up. Defaults to 1. Example: when + this is set to 30%, the new MachineSet can + be scaled up immediately when the rolling + update starts, such that the total number + of old and new machines do not exceed 130% + of desired machines. Once old machines have + been killed, new MachineSet can be scaled + up further, ensuring that total number of + machines running at any time during the update + is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines + that can be unavailable during the update. + Value can be an absolute number (ex: 5) or + a percentage of desired machines (ex: 10%). + Absolute number is calculated from percentage + by rounding down. This can not be 0 if MaxSurge + is 0. Defaults to 0. Example: when this is + set to 30%, the old MachineSet can be scaled + down to 70% of desired machines immediately + when the rolling update starts. Once new machines + are ready, old MachineSet can be scaled down + further, followed by scaling up the new MachineSet, + ensuring that the total number of machines + available at all times during the update is + at least 70% of desired machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values + are RollingUpdate and OnDelete. The default is + RollingUpdate. 
+ enum: + - RollingUpdate + - OnDelete + type: string + type: object + variables: + description: Variables can be used to customize the + MachineDeployment through patches. + properties: + overrides: + description: Overrides can be used to override Cluster + level variables. + items: + description: ClusterVariable can be used to customize + the Cluster through patches. Each ClusterVariable + is associated with a Variable definition in + the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where + the definition of this Variable is from. + DefinitionFrom is `inline` when the definition + is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass + `.spec.patches` where the patch is external + and provides external variables. This field + is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: + the value will be validated against the + schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to + use apiextensionsv1.JSON instead of a custom + JSON type, because controller-tools has + a hard-coded schema for apiextensionsv1.JSON + which cannot be produced by another type + via controller-tools, i.e. it is not possible + to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + machinePools: + description: MachinePools is a list of machine pools in the + cluster. + items: + description: MachinePoolTopology specifies the different + parameters for a pool of worker nodes in the topology. 
+ This pool of nodes is managed by a MachinePool object + whose lifecycle is managed by the Cluster controller. + properties: + class: + description: Class is the name of the MachinePoolClass + used to create the pool of worker nodes. This should + match one of the deployment classes defined in the + ClusterClass object mentioned in the `Cluster.Spec.Class` + field. + type: string + failureDomains: + description: FailureDomains is the list of failure domains + the machine pool will be created in. Must match a + key in the FailureDomains map stored on the cluster + object. + items: + type: string + type: array + metadata: + description: Metadata is the metadata applied to the + MachinePool. At runtime this metadata is merged with + the corresponding metadata from the ClusterClass. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + minReadySeconds: + description: Minimum number of seconds for which a newly + created machine pool should be ready. Defaults to + 0 (machine will be considered available as soon as + it is ready) + format: int32 + type: integer + name: + description: Name is the unique identifier for this + MachinePoolTopology. The value is used with other + unique identifiers to create a MachinePool's Name + (e.g. cluster's name, etc). 
In case the name is greater + than the allowed maximum length, the values are hashed + together. + type: string + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the + controller will attempt to delete the Node that the + MachinePool hosts after the MachinePool is marked + for deletion. A duration of 0 will retry deletion + indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of + time that the controller will spend on draining a + node. The default value is 0, meaning that the node + can be drained without any time limitations. NOTE: + NodeDrainTimeout is different from `kubectl drain + --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount + of time that the controller will spend on waiting + for all volumes to be detached. The default value + is 0, meaning that the volumes can be detached without + any time limitations. + type: string + replicas: + description: Replicas is the number of nodes belonging + to this pool. If the value is nil, the MachinePool + is created without the number of Replicas (defaulting + to 1) and it's assumed that an external entity (like + cluster autoscaler) is responsible for the management + of this value. + format: int32 + type: integer + variables: + description: Variables can be used to customize the + MachinePool through patches. + properties: + overrides: + description: Overrides can be used to override Cluster + level variables. + items: + description: ClusterVariable can be used to customize + the Cluster through patches. Each ClusterVariable + is associated with a Variable definition in + the ClusterClass `status` variables. + properties: + definitionFrom: + description: 'DefinitionFrom specifies where + the definition of this Variable is from. 
+ DefinitionFrom is `inline` when the definition + is from the ClusterClass `.spec.variables` + or the name of a patch defined in the ClusterClass + `.spec.patches` where the patch is external + and provides external variables. This field + is mandatory if the variable has `DefinitionsConflict: + true` in ClusterClass `status.variables[]`' + type: string + name: + description: Name of the variable. + type: string + value: + description: 'Value of the variable. Note: + the value will be validated against the + schema of the corresponding ClusterClassVariable + from the ClusterClass. Note: We have to + use apiextensionsv1.JSON instead of a custom + JSON type, because controller-tools has + a hard-coded schema for apiextensionsv1.JSON + which cannot be produced by another type + via controller-tools, i.e. it is not possible + to have no type field. Ref: https://github.com/kubernetes-sigs/controller-tools/blob/d0e03a142d0ecdd5491593e941ee1d6b5d91dba6/pkg/crd/known_types.go#L106-L111' + x-kubernetes-preserve-unknown-fields: true + required: + - name + - value + type: object + type: array + type: object + required: + - class + - name + type: object + type: array + type: object + required: + - class + - version + type: object + type: object + status: + description: ClusterStatus defines the observed state of Cluster. + properties: + conditions: + description: Conditions defines current service state of the cluster. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. 
+ type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + controlPlaneReady: + description: ControlPlaneReady defines if the control plane is ready. + type: boolean + failureDomains: + additionalProperties: + description: FailureDomainSpec is the Schema for Cluster API failure + domains. It allows controllers to understand how many failure + domains a cluster can optionally span across. + properties: + attributes: + additionalProperties: + type: string + description: Attributes is a free form map of attributes an + infrastructure provider might use or require. + type: object + controlPlane: + description: ControlPlane determines if this failure domain + is suitable for use by control plane machines. + type: boolean + type: object + description: FailureDomains is a slice of failure domain objects synced + from the infrastructure provider. + type: object + failureMessage: + description: FailureMessage indicates that there is a fatal problem + reconciling the state, and will be set to a descriptive error message. 
+ type: string + failureReason: + description: FailureReason indicates that there is a fatal problem + reconciling the state, and will be set to a token value suitable + for programmatic interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: extensionconfigs.runtime.cluster.x-k8s.io +spec: + group: runtime.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: ExtensionConfig + listKind: ExtensionConfigList + plural: extensionconfigs + shortNames: + - ext + singular: extensionconfig + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Time duration since creation of ExtensionConfig + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: ExtensionConfig is the Schema for the ExtensionConfig API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ExtensionConfigSpec is the desired state of the ExtensionConfig + properties: + clientConfig: + description: ClientConfig defines how to communicate with the Extension + server. + properties: + caBundle: + description: CABundle is a PEM encoded CA bundle which will be + used to validate the Extension server's server certificate. + format: byte + type: string + service: + description: "Service is a reference to the Kubernetes service + for the Extension server. Note: Exactly one of `url` or `service` + must be specified. \n If the Extension server is running within + a cluster, then you should use `service`." + properties: + name: + description: Name is the name of the service. + type: string + namespace: + description: Namespace is the namespace of the service. + type: string + path: + description: Path is an optional URL path and if present may + be any string permissible in a URL. If a path is set it + will be used as prefix to the hook-specific path. + type: string + port: + description: Port is the port on the service that's hosting + the Extension server. Defaults to 443. Port should be a + valid port number (1-65535, inclusive). + format: int32 + type: integer + required: + - name + - namespace + type: object + url: + description: "URL gives the location of the Extension server, + in standard URL form (`scheme://host:port/path`). Note: Exactly + one of `url` or `service` must be specified. \n The scheme must + be \"https\". 
\n The `host` should not refer to a service running + in the cluster; use the `service` field instead. \n A path is + optional, and if present may be any string permissible in a + URL. If a path is set it will be used as prefix to the hook-specific + path. \n Attempting to use a user or basic auth e.g. \"user:password@\" + is not allowed. Fragments (\"#...\") and query parameters (\"?...\") + are not allowed either." + type: string + type: object + namespaceSelector: + description: NamespaceSelector decides whether to call the hook for + an object based on whether the namespace for that object matches + the selector. Defaults to the empty LabelSelector, which matches + all objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. 
+ type: object + type: object + x-kubernetes-map-type: atomic + settings: + additionalProperties: + type: string + description: 'Settings defines key value pairs to be passed to all + calls to all supported RuntimeExtensions. Note: Settings can be + overridden on the ClusterClass.' + type: object + required: + - clientConfig + type: object + status: + description: ExtensionConfigStatus is the current state of the ExtensionConfig + properties: + conditions: + description: Conditions define the current service state of the ExtensionConfig. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + handlers: + description: Handlers defines the current ExtensionHandlers supported + by an Extension. + items: + description: ExtensionHandler specifies the details of a handler + for a particular runtime hook registered by an Extension server. + properties: + failurePolicy: + description: FailurePolicy defines how failures in calls to + the ExtensionHandler should be handled by a client. Defaults + to Fail if not set. + type: string + name: + description: Name is the unique name of the ExtensionHandler. + type: string + requestHook: + description: RequestHook defines the versioned runtime hook + which this ExtensionHandler serves. + properties: + apiVersion: + description: APIVersion is the group and version of the + Hook. + type: string + hook: + description: Hook is the name of the hook. + type: string + required: + - apiVersion + - hook + type: object + timeoutSeconds: + description: TimeoutSeconds defines the timeout duration for + client calls to the ExtensionHandler. Defaults to 10 is not + set. 
+ format: int32 + type: integer + required: + - name + - requestHook + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddressclaims.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddressClaim + listKind: IPAddressClaimList + plural: ipaddressclaims + singular: ipaddressclaim + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address + should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created + for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. 
+ type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Name of the pool to allocate an address from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool to allocate an address from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdressClaim + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddressClaim is the Schema for the ipaddressclaim API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressClaimSpec is the desired state of an IPAddressClaim. + properties: + poolRef: + description: PoolRef is a reference to the pool from which an IP address + should be created. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + required: + - poolRef + type: object + status: + description: IPAddressClaimStatus is the observed status of a IPAddressClaim. + properties: + addressRef: + description: AddressRef is a reference to the address that was created + for this claim. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + conditions: + description: Conditions summarises the current state of the IPAddressClaim + items: + description: Condition defines an observation of a Cluster API resource + operational state. 
+ properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: ipaddresses.ipam.cluster.x-k8s.io +spec: + group: ipam.cluster.x-k8s.io + names: + categories: + - cluster-api + kind: IPAddress + listKind: IPAddressList + plural: ipaddresses + singular: ipaddress + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was + created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address + is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress + was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. 
+ type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - description: Address + jsonPath: .spec.address + name: Address + type: string + - description: Name of the pool the address is from + jsonPath: .spec.poolRef.name + name: Pool Name + type: string + - description: Kind of the pool the address is from + jsonPath: .spec.poolRef.kind + name: Pool Kind + type: string + - description: Time duration since creation of IPAdress + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: IPAddress is the Schema for the ipaddress API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IPAddressSpec is the desired state of an IPAddress. + properties: + address: + description: Address is the IP address. + type: string + claimRef: + description: ClaimRef is a reference to the claim this IPAddress was + created for. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' 
+ type: string + type: object + x-kubernetes-map-type: atomic + gateway: + description: Gateway is the network gateway of the network the address + is from. + type: string + poolRef: + description: PoolRef is a reference to the pool that this IPAddress + was created from. + properties: + apiGroup: + description: APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in + the core API group. For any other third-party types, APIGroup + is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + prefix: + description: Prefix is the prefix of the address. + type: integer + required: + - address + - claimRef + - poolRef + - prefix + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinedeployments.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineDeployment + listKind: MachineDeploymentList + plural: machinedeployments + shortNames: + - md + singular: machinedeployment + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: 
Cluster + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineDeployment is the Schema for the machinedeployments API. + \n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. 
+ properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + should be ready. Defaults to 0 (machine will be considered available + as soon as it is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make + progress before it is considered to be failed. The deployment controller + will continue to process failed deployments and a condition with + a ProgressDeadlineExceeded reason will be surfaced in the deployment + status. Note that progress will not be estimated during the time + a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + default: 1 + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + selector: + description: Label selector for machines. Existing MachineSets whose + machines are selected by this will be the ones affected by this + deployment. It must match the machine template's labels. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. 
Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType + = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment + to identify nodes to delete when downscaling. Valid values + are "Random, "Newest", "Oldest" When no value is supplied, + the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled + above the desired number of machines. Value can be an absolute + number (ex: 5) or a percentage of desired machines (ex: + 10%). This can not be 0 if MaxUnavailable is 0. Absolute + number is calculated from percentage by rounding up. Defaults + to 1. 
Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new machines do not + exceed 130% of desired machines. Once old machines have + been killed, new MachineSet can be scaled up further, ensuring + that total number of machines running at any time during + the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired machines (ex: 10%). Absolute + number is calculated from percentage by rounding down. This + can not be 0 if MaxSurge is 0. Defaults to 0. Example: when + this is set to 30%, the old MachineSet can be scaled down + to 70% of desired machines immediately when the rolling + update starts. Once new machines are ready, old MachineSet + can be scaled down further, followed by scaling up the new + MachineSet, ensuring that the total number of machines available + at all times during the update is at least 70% of desired + machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Default is RollingUpdate. + enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. 
More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. 
+ This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least + minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. 
This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + deployment. 
This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet available or + machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + deployment that have the desired template spec. + format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachineDeployment + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this MachineDeployment + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this MachineDeployment + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of non-terminated machines targeted by this deployment + that have the desired template spec + jsonPath: .status.updatedReplicas + name: Updated + type: integer + - description: Total number of unavailable machines targeted by this MachineDeployment + jsonPath: .status.unavailableReplicas + name: Unavailable + type: integer + - description: MachineDeployment status such as ScalingUp/ScalingDown/Running/Failed/Unknown + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachineDeployment + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachineDeployment + jsonPath: .spec.template.spec.version + name: Version + type: 
string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineDeployment is the Schema for the machinedeployments API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineDeploymentSpec defines the desired state of MachineDeployment. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a Node for a newly created machine should be ready before + considering the replica available. Defaults to 0 (machine will be + considered available as soon as the Node is ready) + format: int32 + type: integer + paused: + description: Indicates that the deployment is paused. + type: boolean + progressDeadlineSeconds: + description: The maximum time in seconds for a deployment to make + progress before it is considered to be failed. The deployment controller + will continue to process failed deployments and a condition with + a ProgressDeadlineExceeded reason will be surfaced in the deployment + status. Note that progress will not be estimated during the time + a deployment is paused. Defaults to 600s. + format: int32 + type: integer + replicas: + description: "Number of desired machines. 
This is a pointer to distinguish + between explicit zero and not specified. \n Defaults to: * if the + Kubernetes autoscaler min size and max size annotations are set: + - if it's a new MachineDeployment, use min size - if the replicas + field of the old MachineDeployment is < min size, use min size - + if the replicas field of the old MachineDeployment is > max size, + use max size - if the replicas field of the old MachineDeployment + is in the (min size, max size) range, keep the value from the oldMD + * otherwise use 1 Note: Defaulting will be run whenever the replicas + field is not set: * A new MachineDeployment is created with replicas + not set. * On an existing MachineDeployment the replicas field was + first set and is now unset. Those cases are especially relevant + for the following Kubernetes autoscaler use cases: * A new MachineDeployment + is created and replicas should be managed by the autoscaler * An + existing MachineDeployment which initially wasn't controlled by + the autoscaler should be later controlled by the autoscaler" + format: int32 + type: integer + revisionHistoryLimit: + description: The number of old MachineSets to retain to allow rollback. + This is a pointer to distinguish between explicit zero and not specified. + Defaults to 1. + format: int32 + type: integer + rolloutAfter: + description: 'RolloutAfter is a field to indicate a rollout should + be performed after the specified time even if no changes have been + made to the MachineDeployment. Example: In the YAML the time can + be specified in the RFC3339 format. To specify the rolloutAfter + target as March 9, 2023, at 9 am UTC use "2023-03-09T09:00:00Z".' + format: date-time + type: string + selector: + description: Label selector for machines. Existing MachineSets whose + machines are selected by this will be the ones affected by this + deployment. It must match the machine template's labels. 
+ properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategy: + description: The deployment strategy to use to replace existing machines + with new ones. + properties: + rollingUpdate: + description: Rolling update config params. Present only if MachineDeploymentStrategyType + = RollingUpdate. + properties: + deletePolicy: + description: DeletePolicy defines the policy used by the MachineDeployment + to identify nodes to delete when downscaling. 
Valid values + are "Random, "Newest", "Oldest" When no value is supplied, + the default DeletePolicy of MachineSet is used + enum: + - Random + - Newest + - Oldest + type: string + maxSurge: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be scheduled + above the desired number of machines. Value can be an absolute + number (ex: 5) or a percentage of desired machines (ex: + 10%). This can not be 0 if MaxUnavailable is 0. Absolute + number is calculated from percentage by rounding up. Defaults + to 1. Example: when this is set to 30%, the new MachineSet + can be scaled up immediately when the rolling update starts, + such that the total number of old and new machines do not + exceed 130% of desired machines. Once old machines have + been killed, new MachineSet can be scaled up further, ensuring + that total number of machines running at any time during + the update is at most 130% of desired machines.' + x-kubernetes-int-or-string: true + maxUnavailable: + anyOf: + - type: integer + - type: string + description: 'The maximum number of machines that can be unavailable + during the update. Value can be an absolute number (ex: + 5) or a percentage of desired machines (ex: 10%). Absolute + number is calculated from percentage by rounding down. This + can not be 0 if MaxSurge is 0. Defaults to 0. Example: when + this is set to 30%, the old MachineSet can be scaled down + to 70% of desired machines immediately when the rolling + update starts. Once new machines are ready, old MachineSet + can be scaled down further, followed by scaling up the new + MachineSet, ensuring that the total number of machines available + at all times during the update is at least 70% of desired + machines.' + x-kubernetes-int-or-string: true + type: object + type: + description: Type of deployment. Allowed values are RollingUpdate + and OnDelete. The default is RollingUpdate. 
+ enum: + - RollingUpdate + - OnDelete + type: string + type: object + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. 
For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. 
+ type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. 
+ This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + - template + type: object + status: + description: MachineDeploymentStatus defines the observed state of MachineDeployment. + properties: + availableReplicas: + description: Total number of available machines (ready for at least + minReadySeconds) targeted by this deployment. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineDeployment. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. 
+ type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + observedGeneration: + description: The generation observed by the deployment controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of a MachineDeployment + (ScalingUp, ScalingDown, Running, Failed, or Unknown). + type: string + readyReplicas: + description: Total number of ready machines targeted by this deployment. + format: int32 + type: integer + replicas: + description: Total number of non-terminated machines targeted by this + deployment (their labels match the selector). + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + unavailableReplicas: + description: Total number of unavailable machines targeted by this + deployment. This is the total number of machines that are still + required for the deployment to have 100% available capacity. They + may either be machines that are running but not yet available or + machines that still have not been created. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated machines targeted by this + deployment that have the desired template spec. 
+ format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinehealthchecks.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineHealthCheck + listKind: MachineHealthCheckList + plural: machinehealthchecks + shortNames: + - mhc + - mhcs + singular: machinehealthcheck + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineHealthCheck + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineHealthCheck is the Schema for the machinehealthchecks + API. 
\n Deprecated: This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. If not set, + this value is defaulted to 10 minutes. If you wish to disable this + feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Cluster API." + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number + of machines selected by "selector" as not healthy is within the + range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. + "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) (b) there are + at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + currentHealthy: + description: total number of healthy machines counted by this machine + health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Number of machines currently monitored + jsonPath: .status.expectedMachines + name: ExpectedMachines + type: integer + - description: Maximum number of unhealthy machines allowed + jsonPath: .spec.maxUnhealthy + name: MaxUnhealthy + type: string + - description: Current observed healthy machines + jsonPath: .status.currentHealthy + name: CurrentHealthy + type: integer + - description: Time duration since creation of MachineHealthCheck + jsonPath: .metadata.creationTimestamp + 
name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineHealthCheck is the Schema for the machinehealthchecks + API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of machine health check policy + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + maxUnhealthy: + anyOf: + - type: integer + - type: string + description: Any further remediation is only allowed if at most "MaxUnhealthy" + machines selected by "selector" are not healthy. + x-kubernetes-int-or-string: true + nodeStartupTimeout: + description: Machines older than this duration without a node will + be considered to have failed and will be remediated. If not set, + this value is defaulted to 10 minutes. If you wish to disable this + feature, set the value explicitly to 0. + type: string + remediationTemplate: + description: "RemediationTemplate is a reference to a remediation + template provided by an infrastructure provider. \n This field is + completely optional, when filled, the MachineHealthCheck controller + creates a new object from the template referenced and hands off + remediation of the machine to a controller that lives outside of + Cluster API." 
+ properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + selector: + description: Label selector to match machines whose health will be + exercised + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. 
+ items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + unhealthyConditions: + description: UnhealthyConditions contains a list of the conditions + that determine whether a node is considered unhealthy. The conditions + are combined in a logical OR, i.e. if any of the conditions is met, + the node is unhealthy. + items: + description: UnhealthyCondition represents a Node condition type + and value with a timeout specified as a duration. When the named + condition has been in the given status for at least the timeout + value, a node is considered unhealthy. 
+ properties: + status: + minLength: 1 + type: string + timeout: + type: string + type: + minLength: 1 + type: string + required: + - status + - timeout + - type + type: object + minItems: 1 + type: array + unhealthyRange: + description: 'Any further remediation is only allowed if the number + of machines selected by "selector" as not healthy is within the + range of "UnhealthyRange". Takes precedence over MaxUnhealthy. Eg. + "[3-5]" - This means that remediation will be allowed only when: + (a) there are at least 3 unhealthy machines (and) (b) there are + at most 5 unhealthy machines' + pattern: ^\[[0-9]+-[0-9]+\]$ + type: string + required: + - clusterName + - selector + - unhealthyConditions + type: object + status: + description: Most recently observed status of MachineHealthCheck resource + properties: + conditions: + description: Conditions defines current service state of the MachineHealthCheck. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. 
+ type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + currentHealthy: + description: total number of healthy machines counted by this machine + health check + format: int32 + minimum: 0 + type: integer + expectedMachines: + description: total number of machines counted by this machine health + check + format: int32 + minimum: 0 + type: integer + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + remediationsAllowed: + description: RemediationsAllowed is the number of further remediations + allowed by this machine health check before maxUnhealthy short circuiting + will be applied + format: int32 + minimum: 0 + type: integer + targets: + description: Targets shows the current list of machines the machine + health check is watching + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinepools.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: 
capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachinePool + listKind: MachinePoolList + plural: machinepools + shortNames: + - mp + singular: machinepool + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachinePool is the Schema for the machinepools API. \n Deprecated: + This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. 
+ minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: Minimum number of seconds for which a newly created machine + instances should be ready. Defaults to 0 (machine instance will + be considered available as soon as it is ready) + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine + instances provided by the provider. This field must match the provider + IDs as seen on the node objects corresponding to a machine pool's + machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. 
Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. 
+ type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage indicates that there is a problem reconciling + the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling + the state, and will be set to a token value suitable for programmatic + interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. --- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". 
Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted + by this machine pool. This is the total number of machine instances + that are still required for the machine pool to have 100% available + capacity. They may either be machine instances that are running + but not yet available or machine instances that still have not been + created. 
+ format: int32 + type: integer + type: object + type: object + served: false + storage: false + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this MachinePool + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: MachinePool replicas count + jsonPath: .status.replicas + name: Replicas + type: string + - description: MachinePool status such as Terminating/Pending/Provisioning/Running/Failed + etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of MachinePool + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachinePool + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachinePool is the Schema for the machinepools API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachinePoolSpec defines the desired state of MachinePool. 
+ properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomains: + description: FailureDomains is the list of failure domains this MachinePool + should be attached to. + items: + type: string + type: array + minReadySeconds: + description: 'Minimum number of seconds for which a newly created + machine instances should be ready. Defaults to 0 (machine instance + will be considered available as soon as it is ready) NOTE: No logic + is implemented for this field and it currently has no behaviour.' + format: int32 + type: integer + providerIDList: + description: ProviderIDList are the identification IDs of machine + instances provided by the provider. This field must match the provider + IDs as seen on the node objects corresponding to a machine pool's + machine instances. + items: + type: string + type: array + replicas: + description: Number of desired machines. Defaults to 1. This is a + pointer to distinguish between explicit zero and not specified. + format: int32 + type: integer + template: + description: Template describes the machines that will be created. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. 
+ More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. 
More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. 
TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. 
+ type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - template + type: object + status: + description: MachinePoolStatus defines the observed state of MachinePool. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachinePool. + format: int32 + type: integer + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions define the current service state of the MachinePool. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. 
This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: FailureMessage indicates that there is a problem reconciling + the state, and will be set to a descriptive error message. + type: string + failureReason: + description: FailureReason indicates that there is a problem reconciling + the state, and will be set to a token value suitable for programmatic + interpretation. + type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + nodeRefs: + description: NodeRefs will point to the corresponding Nodes if it + they exist. + items: + description: "ObjectReference contains enough information to let + you inspect or modify the referred object. 
--- New uses of this + type are discouraged because of difficulty describing its usage + when embedded in APIs. 1. Ignored fields. It includes many fields + which are not generally honored. For instance, ResourceVersion + and FieldPath are both very rarely valid in actual usage. 2. Invalid + usage help. It is impossible to add specific help for individual + usage. In most embedded usages, there are particular restrictions + like, \"must refer only to types A and B\" or \"UID not honored\" + or \"name must be restricted\". Those cannot be well described + when embedded. 3. Inconsistent validation. Because the usages + are different, the validation rules are different by usage, which + makes it hard for users to predict what will happen. 4. The fields + are both imprecise and overly precise. Kind is not a precise + mapping to a URL. This can produce ambiguity during interpretation + and require a REST mapping. In most cases, the dependency is + on the group,resource tuple and the version of the actual struct + is irrelevant. 5. We cannot easily change it. Because this type + is embedded in many locations, updates to this type will affect + numerous schemas. Don't make new APIs embed an underspecified + API type they do not control. \n Instead of using this type, create + a locally provided and used type that is well-focused on your + reference. For example, ServiceReferences for admission registration: + https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 + ." + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + type: array + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of cluster actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + readyReplicas: + description: The number of ready replicas for this MachinePool. A + machine is considered ready when the node has been created and is + "Ready". 
+ format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable machine instances targeted + by this machine pool. This is the total number of machine instances + that are still required for the machine pool to have 100% available + capacity. They may either be machine instances that are running + but not yet available or machine instances that still have not been + created. + format: int32 + type: integer + type: object + type: object + served: true + storage: true + subresources: + scale: + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machines.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: Machine + listKind: MachineList + plural: machines + shortNames: + - ma + singular: machine + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as 
Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + priority: 1 + type: string + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "Machine is the Schema for the machines API. \n Deprecated: This + type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference is + optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. If nil, the Machine should remain + in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. 
+ minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will + be created in. Must match a key in the FailureDomains map stored + on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the + controller will spend on draining a node. The default value is 0, + meaning that the node can be drained without any time limitations. + NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine provided + by the provider. This field must match the provider ID as seen on + the node object corresponding to this machine. This field is required + by higher level consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic in the autoscaler + compares machines to nodes to find out machines at provider which + could not get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field is required + by autoscaler to be able to have a provider view of the list of + machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines + and are marked for delete. This field will be set by the actuators + and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This + field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. 
+ items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. + type: string + type: + description: Machine address type, one of Hostname, ExternalIP + or InternalIP. + type: string + required: + - address + - type + type: object + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - status + - type + type: object + type: array + failureMessage: + description: "FailureMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." + type: string + failureReason: + description: "FailureReason will be set in the event that there is + a terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. \n This field should + not be set for transitive errors that a controller faces that are + expected to be fixed automatically over time (like service outages), + but instead indicate that something is fundamentally wrong with + the Machine's spec or the configuration of the controller, and that + manual intervention is required. Examples of terminal errors would + be invalid combinations of settings in the spec, values that are + unsupported by the controller, or the responsible controller itself + being critically misconfigured. \n Any transient errors that occur + during the reconciliation of Machines can be added as events to + the Machine object and/or logged in the controller's output." 
+ type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeInfo: + description: 'NodeInfo is a set of ids/uuids to uniquely identify + the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' + properties: + architecture: + description: The Architecture reported by the node + type: string + bootID: + description: Boot ID reported by the node. + type: string + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through + runtime remote API (e.g. containerd://1.4.2). + type: string + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' + (e.g. 3.16.0-0.bpo.4-amd64). + type: string + kubeProxyVersion: + description: KubeProxy Version reported by the node. + type: string + kubeletVersion: + description: Kubelet Version reported by the node. + type: string + machineID: + description: 'MachineID reported by the node. For unique machine + identification in the cluster this field is preferred. Learn + more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' + type: string + operatingSystem: + description: The Operating System reported by the node + type: string + osImage: + description: OS Image reported by the node from /etc/os-release + (e.g. Debian GNU/Linux 7 (wheezy)). + type: string + systemUUID: + description: SystemUUID reported by the node. For unique machine + identification MachineID is preferred. 
This field is specific + to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid + type: string + required: + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID + type: object + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of machine actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + version: + description: Version specifies the current version of Kubernetes running + on the corresponding Node. This is meant to be a means of bubbling + up status from the Node to the Machine. It is entirely optional, + but useful for end-user UX if it’s present. + type: string + type: object + type: object + served: false + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Node name associated with this machine + jsonPath: .status.nodeRef.name + name: NodeName + type: string + - description: Provider ID + jsonPath: .spec.providerID + name: ProviderID + type: string + - description: Machine status such as Terminating/Pending/Running/Failed etc + jsonPath: .status.phase + name: Phase + type: string + - description: Time duration since creation of Machine + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this Machine + jsonPath: .spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: Machine is the Schema for the machines API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. 
Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSpec defines the desired state of Machine. + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which encapsulates + fields to configure the Machine’s bootstrapping mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference is + optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret that stores + the bootstrap data script. If nil, the Machine should remain + in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine will + be created in. Must match a key in the FailureDomains map stored + on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to a custom + resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. 
+ For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller will + attempt to delete the Node that the Machine hosts after the Machine + is marked for deletion. A duration of 0 will retry deletion indefinitely. + Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time that the + controller will spend on draining a node. The default value is 0, + meaning that the node can be drained without any time limitations. 
+ NOTE: NodeDrainTimeout is different from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of time that + the controller will spend on waiting for all volumes to be detached. + The default value is 0, meaning that the volumes can be detached + without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine provided + by the provider. This field must match the provider ID as seen on + the node object corresponding to this machine. This field is required + by higher level consumers of cluster-api. Example use case is cluster + autoscaler with cluster-api as provider. Clean-up logic in the autoscaler + compares machines to nodes to find out machines at provider which + could not get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field is required + by autoscaler to be able to have a provider view of the list of + machines. Another list of nodes is queried from the k8s apiserver + and then a comparison is done to find out unregistered machines + and are marked for delete. This field will be set by the actuators + and consumed by higher level entities like autoscaler that will + be interfacing with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. This + field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + status: + description: MachineStatus defines the observed state of Machine. + properties: + addresses: + description: Addresses is a list of addresses assigned to the machine. + This field is copied from the infrastructure provider reference. + items: + description: MachineAddress contains information for the node's + address. + properties: + address: + description: The machine address. 
+ type: string + type: + description: Machine address type, one of Hostname, ExternalIP, + InternalIP, ExternalDNS or InternalDNS. + type: string + required: + - address + - type + type: object + type: array + bootstrapReady: + description: BootstrapReady is the state of the bootstrap provider. + type: boolean + certificatesExpiryDate: + description: CertificatesExpiryDate is the expiry date of the machine + certificates. This value is only set for control plane machines. + format: date-time + type: string + conditions: + description: Conditions defines current service state of the Machine. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. 
+ type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + description: "FailureMessage will be set in the event that there is + a terminal problem reconciling the Machine and will contain a more + verbose string suitable for logging and human consumption. \n This + field should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the Machine's spec or the configuration of the controller, + and that manual intervention is required. Examples of terminal errors + would be invalid combinations of settings in the spec, values that + are unsupported by the controller, or the responsible controller + itself being critically misconfigured. \n Any transient errors that + occur during the reconciliation of Machines can be added as events + to the Machine object and/or logged in the controller's output." + type: string + failureReason: + description: "FailureReason will be set in the event that there is + a terminal problem reconciling the Machine and will contain a succinct + value suitable for machine interpretation. \n This field should + not be set for transitive errors that a controller faces that are + expected to be fixed automatically over time (like service outages), + but instead indicate that something is fundamentally wrong with + the Machine's spec or the configuration of the controller, and that + manual intervention is required. Examples of terminal errors would + be invalid combinations of settings in the spec, values that are + unsupported by the controller, or the responsible controller itself + being critically misconfigured. \n Any transient errors that occur + during the reconciliation of Machines can be added as events to + the Machine object and/or logged in the controller's output." 
+ type: string + infrastructureReady: + description: InfrastructureReady is the state of the infrastructure + provider. + type: boolean + lastUpdated: + description: LastUpdated identifies when the phase of the Machine + last transitioned. + format: date-time + type: string + nodeInfo: + description: 'NodeInfo is a set of ids/uuids to uniquely identify + the node. More info: https://kubernetes.io/docs/concepts/nodes/node/#info' + properties: + architecture: + description: The Architecture reported by the node + type: string + bootID: + description: Boot ID reported by the node. + type: string + containerRuntimeVersion: + description: ContainerRuntime Version reported by the node through + runtime remote API (e.g. containerd://1.4.2). + type: string + kernelVersion: + description: Kernel Version reported by the node from 'uname -r' + (e.g. 3.16.0-0.bpo.4-amd64). + type: string + kubeProxyVersion: + description: KubeProxy Version reported by the node. + type: string + kubeletVersion: + description: Kubelet Version reported by the node. + type: string + machineID: + description: 'MachineID reported by the node. For unique machine + identification in the cluster this field is preferred. Learn + more from man(5) machine-id: http://man7.org/linux/man-pages/man5/machine-id.5.html' + type: string + operatingSystem: + description: The Operating System reported by the node + type: string + osImage: + description: OS Image reported by the node from /etc/os-release + (e.g. Debian GNU/Linux 7 (wheezy)). + type: string + systemUUID: + description: SystemUUID reported by the node. For unique machine + identification MachineID is preferred. 
This field is specific + to Red Hat hosts https://access.redhat.com/documentation/en-us/red_hat_subscription_management/1/html/rhsm/uuid + type: string + required: + - architecture + - bootID + - containerRuntimeVersion + - kernelVersion + - kubeProxyVersion + - kubeletVersion + - machineID + - operatingSystem + - osImage + - systemUUID + type: object + nodeRef: + description: NodeRef will point to the corresponding Node if it exists. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + observedGeneration: + description: ObservedGeneration is the latest generation observed + by the controller. + format: int64 + type: integer + phase: + description: Phase represents the current phase of machine actuation. + E.g. Pending, Running, Terminating, Failed etc. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: machinesets.cluster.x-k8s.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + caBundle: Cg== + service: + name: capi-webhook-service + namespace: capi-system + path: /convert + conversionReviewVersions: + - v1 + - v1beta1 + group: cluster.x-k8s.io + names: + categories: + - cluster-api + kind: MachineSet + listKind: MachineSetList + plural: machinesets + shortNames: + - ms + singular: machineset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Time duration since creation of MachineSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - 
description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + deprecated: true + name: v1alpha4 + schema: + openAPIV3Schema: + description: "MachineSet is the Schema for the machinesets API. \n Deprecated: + This type will be removed in one of the next releases." + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes + to delete when downscaling. Defaults to "Random". Valid values + are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a newly created machine should be ready. 
Defaults to 0 (machine + will be considered available as soon as it is ready) + format: int32 + type: integer + replicas: + default: 1 + description: Replicas is the number of desired replicas. This is a + pointer to distinguish between explicit zero and unspecified. Defaults + to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should + match the replica count. Label keys and values that must match in + order to be controlled by this MachineSet. It must match the machine + template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. 
+ type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that + will be created if insufficient replicas are detected. Object references + to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. 
+ type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. 
+ minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. 
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. + This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachineSet. 
+ format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. + type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - status + - type + type: object + type: array + failureMessage: + type: string + failureReason: + description: "In the event that there is a terminal problem reconciling + the replicas, both FailureReason and FailureMessage will be set. + FailureReason will be populated with a succinct value suitable for + machine interpretation, while FailureMessage will contain a more + verbose string suitable for logging and human consumption. 
\n These + fields should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the MachineTemplate's spec or the configuration of the + machine controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in + the spec, values that are unsupported by the machine controller, + or the responsible machine controller itself being critically misconfigured. + \n Any transient errors that occur during the reconciliation of + Machines can be added as events to the MachineSet object and/or + logged in the controller's output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the + labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine + is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. 
More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + type: object + type: object + served: false + storage: false + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} + - additionalPrinterColumns: + - description: Cluster + jsonPath: .spec.clusterName + name: Cluster + type: string + - description: Total number of machines desired by this machineset + jsonPath: .spec.replicas + name: Desired + priority: 10 + type: integer + - description: Total number of non-terminated machines targeted by this machineset + jsonPath: .status.replicas + name: Replicas + type: integer + - description: Total number of ready machines targeted by this machineset. + jsonPath: .status.readyReplicas + name: Ready + type: integer + - description: Total number of available machines (ready for at least minReadySeconds) + jsonPath: .status.availableReplicas + name: Available + type: integer + - description: Time duration since creation of MachineSet + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Kubernetes version associated with this MachineSet + jsonPath: .spec.template.spec.version + name: Version + type: string + name: v1beta1 + schema: + openAPIV3Schema: + description: MachineSet is the Schema for the machinesets API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MachineSetSpec defines the desired state of MachineSet. + properties: + clusterName: + description: ClusterName is the name of the Cluster this object belongs + to. + minLength: 1 + type: string + deletePolicy: + description: DeletePolicy defines the policy used to identify nodes + to delete when downscaling. Defaults to "Random". Valid values + are "Random, "Newest", "Oldest" + enum: + - Random + - Newest + - Oldest + type: string + minReadySeconds: + description: MinReadySeconds is the minimum number of seconds for + which a Node for a newly created machine should be ready before + considering the replica available. Defaults to 0 (machine will be + considered available as soon as the Node is ready) + format: int32 + type: integer + replicas: + default: 1 + description: Replicas is the number of desired replicas. This is a + pointer to distinguish between explicit zero and unspecified. Defaults + to 1. + format: int32 + type: integer + selector: + description: 'Selector is a label query over machines that should + match the replica count. Label keys and values that must match in + order to be controlled by this MachineSet. It must match the machine + template''s labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. 
Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template is the object that describes the machine that + will be created if insufficient replicas are detected. Object references + to custom resources are treated as templates. + properties: + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. May + match selectors of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: 'Specification of the desired behavior of the machine. 
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + bootstrap: + description: Bootstrap is a reference to a local struct which + encapsulates fields to configure the Machine’s bootstrapping + mechanism. + properties: + configRef: + description: ConfigRef is a reference to a bootstrap provider-specific + resource that holds configuration details. The reference + is optional to allow users/operators to specify Bootstrap.DataSecretName + without the need of a controller. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only + to have some well-defined way of referencing a part + of an object. TODO: this design is not final and + this field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + dataSecretName: + description: DataSecretName is the name of the secret + that stores the bootstrap data script. If nil, the Machine + should remain in the Pending state. + type: string + type: object + clusterName: + description: ClusterName is the name of the Cluster this object + belongs to. + minLength: 1 + type: string + failureDomain: + description: FailureDomain is the failure domain the machine + will be created in. Must match a key in the FailureDomains + map stored on the cluster object. + type: string + infrastructureRef: + description: InfrastructureRef is a required reference to + a custom resource offered by an infrastructure provider. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this + pod). This syntax is chosen only to have some well-defined + way of referencing a part of an object. TODO: this design + is not final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + nodeDeletionTimeout: + description: NodeDeletionTimeout defines how long the controller + will attempt to delete the Node that the Machine hosts after + the Machine is marked for deletion. A duration of 0 will + retry deletion indefinitely. Defaults to 10 seconds. + type: string + nodeDrainTimeout: + description: 'NodeDrainTimeout is the total amount of time + that the controller will spend on draining a node. The default + value is 0, meaning that the node can be drained without + any time limitations. NOTE: NodeDrainTimeout is different + from `kubectl drain --timeout`' + type: string + nodeVolumeDetachTimeout: + description: NodeVolumeDetachTimeout is the total amount of + time that the controller will spend on waiting for all volumes + to be detached. The default value is 0, meaning that the + volumes can be detached without any time limitations. + type: string + providerID: + description: ProviderID is the identification ID of the machine + provided by the provider. This field must match the provider + ID as seen on the node object corresponding to this machine. 
+ This field is required by higher level consumers of cluster-api. + Example use case is cluster autoscaler with cluster-api + as provider. Clean-up logic in the autoscaler compares machines + to nodes to find out machines at provider which could not + get registered as Kubernetes nodes. With cluster-api as + a generic out-of-tree provider for autoscaler, this field + is required by autoscaler to be able to have a provider + view of the list of machines. Another list of nodes is queried + from the k8s apiserver and then a comparison is done to + find out unregistered machines and are marked for delete. + This field will be set by the actuators and consumed by + higher level entities like autoscaler that will be interfacing + with cluster-api as generic provider. + type: string + version: + description: Version defines the desired Kubernetes version. + This field is meant to be optionally used by bootstrap providers. + type: string + required: + - bootstrap + - clusterName + - infrastructureRef + type: object + type: object + required: + - clusterName + - selector + type: object + status: + description: MachineSetStatus defines the observed state of MachineSet. + properties: + availableReplicas: + description: The number of available replicas (ready for at least + minReadySeconds) for this MachineSet. + format: int32 + type: integer + conditions: + description: Conditions defines current service state of the MachineSet. + items: + description: Condition defines an observation of a Cluster API resource + operational state. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. This should be when the underlying condition changed. + If that is not known, then using the time when the API field + changed is acceptable. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. This field may be empty. 
+ type: string + reason: + description: The reason for the condition's last transition + in CamelCase. The specific API may choose whether or not this + field is considered a guaranteed API. This field may not be + empty. + type: string + severity: + description: Severity provides an explicit classification of + Reason code, so the users or machines can immediately understand + the current situation and act accordingly. The Severity field + MUST be set only when Status=False. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition in CamelCase or in foo.example.com/CamelCase. + Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. + type: string + required: + - lastTransitionTime + - status + - type + type: object + type: array + failureMessage: + type: string + failureReason: + description: "In the event that there is a terminal problem reconciling + the replicas, both FailureReason and FailureMessage will be set. + FailureReason will be populated with a succinct value suitable for + machine interpretation, while FailureMessage will contain a more + verbose string suitable for logging and human consumption. \n These + fields should not be set for transitive errors that a controller + faces that are expected to be fixed automatically over time (like + service outages), but instead indicate that something is fundamentally + wrong with the MachineTemplate's spec or the configuration of the + machine controller, and that manual intervention is required. Examples + of terminal errors would be invalid combinations of settings in + the spec, values that are unsupported by the machine controller, + or the responsible machine controller itself being critically misconfigured. 
+ \n Any transient errors that occur during the reconciliation of + Machines can be added as events to the MachineSet object and/or + logged in the controller's output." + type: string + fullyLabeledReplicas: + description: The number of replicas that have labels matching the + labels of the machine template of the MachineSet. + format: int32 + type: integer + observedGeneration: + description: ObservedGeneration reflects the generation of the most + recently observed MachineSet. + format: int64 + type: integer + readyReplicas: + description: The number of ready replicas for this MachineSet. A machine + is considered ready when the node has been created and is "Ready". + format: int32 + type: integer + replicas: + description: Replicas is the most recently observed number of replicas. + format: int32 + type: integer + selector: + description: 'Selector is the same as the label selector but in the + string format to avoid introspection by clients. The string will + be in the same format as the query-param syntax. 
More info about + label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors' + type: string + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.selector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-manager + namespace: capi-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-leader-election-role + namespace: capi-system +rules: +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +--- +aggregationRule: + clusterRoleSelectors: + - matchLabels: + cluster.x-k8s.io/aggregate-to-manager: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-aggregated-manager-role +rules: [] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + cluster.x-k8s.io/aggregate-to-manager: "true" + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - addons.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - addons.cluster.x-k8s.io + resources: + - clusterresourcesets/finalizers + - clusterresourcesets/status + verbs: + - get + - patch + - update +- apiGroups: + - 
apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - bootstrap.cluster.x-k8s.io + - controlplane.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - bootstrap.cluster.x-k8s.io + - infrastructure.cluster.x-k8s.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusterclasses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusterclasses + - clusterclasses/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/finalizers + - clusters/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - clusters + - clusters/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + - machinedeployments/finalizers + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinedeployments + - machinedeployments/finalizers + - machinedeployments/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - 
machinehealthchecks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinehealthchecks + - machinehealthchecks/finalizers + - machinehealthchecks/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinepools + - machinepools/finalizers + - machinepools/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/finalizers + - machines/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machines + - machines/status + verbs: + - delete + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinesets + verbs: + - get + - list + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinesets + - machinesets/finalizers + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - cluster.x-k8s.io + resources: + - machinesets + - machinesets/finalizers + - machinesets/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - get + - list + - patch + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: + - ipam.cluster.x-k8s.io + resources: + - ipaddressclaims + verbs: + - get + - list + - watch +- apiGroups: + - runtime.cluster.x-k8s.io + resources: + - 
extensionconfigs + - extensionconfigs/status + verbs: + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-leader-election-rolebinding + namespace: capi-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: capi-leader-election-role +subjects: +- kind: ServiceAccount + name: capi-manager + namespace: capi-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: capi-aggregated-manager-role +subjects: +- kind: ServiceAccount + name: capi-manager + namespace: capi-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-webhook-service + namespace: capi-system +spec: + ports: + - port: 443 + targetPort: webhook-server + selector: + cluster.x-k8s.io/provider: cluster-api +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + control-plane: controller-manager + name: capi-controller-manager + namespace: capi-system +spec: + replicas: 1 + selector: + matchLabels: + cluster.x-k8s.io/provider: cluster-api + control-plane: controller-manager + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + - --diagnostics-address=:8443 + - --insecure-diagnostics=false + - 
--feature-gates=MachinePool=false,ClusterResourceSet=false,ClusterTopology=false,RuntimeSDK=false,MachineSetPreflightChecks=false + command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_UID + valueFrom: + fieldRef: + fieldPath: metadata.uid + image: registry.k8s.io/cluster-api/cluster-api-controller:v1.6.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: healthz + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 9440 + name: healthz + protocol: TCP + - containerPort: 8443 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: healthz + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsGroup: 65532 + runAsUser: 65532 + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + serviceAccountName: capi-manager + terminationGracePeriodSeconds: 10 + tolerations: + - effect: NoSchedule + key: node-role.kubernetes.io/master + - effect: NoSchedule + key: node-role.kubernetes.io/control-plane + volumes: + - name: cert + secret: + secretName: capi-webhook-service-cert +status: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-serving-cert + namespace: capi-system +spec: + dnsNames: + - capi-webhook-service.capi-system.svc + - capi-webhook-service.capi-system.svc.cluster.local + issuerRef: + kind: Issuer + name: capi-selfsigned-issuer + secretName: capi-webhook-service-cert + subject: + organizations: + - k8s-sig-cluster-lifecycle +--- +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + labels: + 
cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-selfsigned-issuer + namespace: capi-system +spec: + selfSigned: {} +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-mutating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-cluster + failurePolicy: Fail + matchPolicy: Equivalent + name: default.cluster.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusters + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-clusterclass + failurePolicy: Fail + matchPolicy: Equivalent + name: default.clusterclass.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterclasses + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machine + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machine.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinedeployment + failurePolicy: Fail + matchPolicy: 
Equivalent + name: default.machinedeployment.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinedeployments + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinehealthcheck + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machinehealthcheck.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinehealthchecks + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machineset + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machineset.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinesets + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig + failurePolicy: Fail + matchPolicy: Equivalent + name: default.extensionconfig.runtime.addons.cluster.x-k8s.io + rules: + - apiGroups: + - runtime.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - extensionconfigs + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-cluster-x-k8s-io-v1beta1-machinepool + failurePolicy: Fail + matchPolicy: Equivalent + name: default.machinepool.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinepools + 
sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /mutate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset + failurePolicy: Fail + matchPolicy: Equivalent + name: default.clusterresourceset.addons.cluster.x-k8s.io + rules: + - apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesets + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + cert-manager.io/inject-ca-from: capi-system/capi-serving-cert + creationTimestamp: null + labels: + cluster.x-k8s.io/provider: cluster-api + clusterctl.cluster.x-k8s.io: "" + name: capi-validating-webhook-configuration +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-cluster + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.cluster.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clusters + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-clusterclass + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.clusterclass.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clusterclasses + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machine + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machine.cluster.x-k8s.io + 
rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machines + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinedeployment + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinedeployment.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinedeployments + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinehealthcheck + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinehealthcheck.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinehealthchecks + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machineset + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machineset.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinesets + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-runtime-cluster-x-k8s-io-v1alpha1-extensionconfig + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.extensionconfig.runtime.cluster.x-k8s.io + rules: + - apiGroups: + - runtime.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - extensionconfigs + sideEffects: None +- 
admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-cluster-x-k8s-io-v1beta1-machinepool + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.machinepool.cluster.x-k8s.io + rules: + - apiGroups: + - cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - machinepools + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourceset + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.clusterresourceset.addons.cluster.x-k8s.io + rules: + - apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesets + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-addons-cluster-x-k8s-io-v1beta1-clusterresourcesetbinding + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.clusterresourcesetbinding.addons.cluster.x-k8s.io + rules: + - apiGroups: + - addons.cluster.x-k8s.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterresourcesetbindings + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: capi-system + path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddress + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.ipaddress.ipam.cluster.x-k8s.io + rules: + - apiGroups: + - ipam.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - ipaddresses + sideEffects: None +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: capi-webhook-service + namespace: 
capi-system + path: /validate-ipam-cluster-x-k8s-io-v1alpha1-ipaddressclaim + failurePolicy: Fail + matchPolicy: Equivalent + name: validation.ipaddressclaim.ipam.cluster.x-k8s.io + rules: + - apiGroups: + - ipam.cluster.x-k8s.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - ipaddressclaims + sideEffects: None
diff --git a/terraform/modules/authentik-config/main.tf b/terraform/modules/authentik-config/main.tf
new file mode 100644
index 0000000..e69de29
diff --git a/terraform/modules/authentik-config/vars.tf b/terraform/modules/authentik-config/vars.tf
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/terraform/modules/authentik-config/vars.tf
@@ -0,0 +1 @@
+