Upgrade CAPO to v0.4.0 supporting CAPI v1alpha4

* This commit upgrades CAPO to v0.4.0 to support v1alpha4
  and has dependent on CAPI upgrade.

Change-Id: Ib868d2697870dd60fca0be979c543c2c12ae08cb
Signed-off-by: bijayasharma <vetbijaya@gmail.com>
Relates-To: #612
This commit is contained in:
bijayasharma 2021-07-29 14:31:25 -04:00
parent bdeafa77b6
commit 2ca277b6d4
65 changed files with 5262 additions and 116 deletions

View File

@ -48,7 +48,7 @@ spec:
capo:
manager:
repository: gcr.io/k8s-staging-capi-openstack
tag: v20200707-v0.3.1
tag: v0.4.0
auth_proxy:
repository: gcr.io/kubebuilder
tag: v0.4.1

View File

@ -0,0 +1,24 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

View File

@ -0,0 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- certificate.yaml
configurations:
- kustomizeconfig.yaml

View File

@ -0,0 +1,19 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name
varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
- kind: Certificate
group: cert-manager.io
path: spec/secretName

View File

@ -0,0 +1,646 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
name: openstackclustertemplates.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: OpenStackClusterTemplate
listKind: OpenStackClusterTemplateList
plural: openstackclustertemplates
shortNames:
- osct
singular: openstackclustertemplate
scope: Namespaced
versions:
- name: v1alpha4
schema:
openAPIV3Schema:
description: OpenStackClusterTemplate is the Schema for the openstackclustertemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenStackClusterTemplateSpec defines the desired state of
OpenStackClusterTemplate.
properties:
template:
description: OpenStackClusterTemplateResource describes the data needed
to create a OpenStackCluster from a template.
properties:
spec:
description: OpenStackClusterSpec defines the desired state of
OpenStackCluster.
properties:
apiServerFloatingIP:
description: APIServerFloatingIP is the floatingIP which will
be associated to the APIServer. The floatingIP will be created
if it not already exists.
type: string
apiServerLoadBalancerAdditionalPorts:
description: APIServerLoadBalancerAdditionalPorts adds additional
ports to the APIServerLoadBalancer
items:
type: integer
type: array
apiServerPort:
description: APIServerPort is the port on which the listener
on the APIServer will be created
type: integer
bastion:
description: Bastion is the OpenStack instance to login the
nodes
properties:
availabilityZone:
type: string
enabled:
type: boolean
instance:
description: Instance for the bastion itself
properties:
cloudName:
description: The name of the cloud to use from the
clouds secret
type: string
configDrive:
description: Config Drive support
type: boolean
flavor:
description: The flavor reference for the flavor for
your server instance.
type: string
floatingIP:
description: The floatingIP which will be associated
to the machine, only used for master. The floatingIP
should have been created and haven't been associated.
type: string
identityRef:
description: IdentityRef is a reference to a identity
to be used when reconciling this cluster
properties:
kind:
description: Kind of the identity. Must be supported
by the infrastructure provider and may be either
cluster or namespace-scoped.
minLength: 1
type: string
name:
description: Name of the infrastructure identity
to be used. Must be either a cluster-scoped
resource, or namespaced-scoped resource the
same namespace as the resource(s) being provisioned.
type: string
required:
- kind
- name
type: object
image:
description: The name of the image to use for your
server instance. If the RootVolume is specified,
this will be ignored and use rootVolume directly.
type: string
instanceID:
description: InstanceID is the OpenStack instance
ID for this machine.
type: string
networks:
description: A networks object. Required parameter
when there are multiple networks defined for the
tenant. When you do not specify both networks and
ports parameters, the server attaches to the only
network created for the current tenant.
items:
properties:
filter:
description: Filters for optional network query
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
fixedIP:
description: A fixed IPv4 address for the NIC.
type: string
subnets:
description: Subnet within a network to use
items:
properties:
filter:
description: Filters for optional network
query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network.
Required if you omit the port attribute.
type: string
type: object
type: array
uuid:
description: The UUID of the network. Required
if you omit the port attribute.
type: string
type: object
type: array
ports:
description: Ports to be attached to the server instance.
They are created if a port with the given name does
not already exist. When you do not specify both
networks and ports parameters, the server attaches
to the only network created for the current tenant.
items:
properties:
adminStateUp:
type: boolean
allowedAddressPairs:
items:
properties:
ipAddress:
type: string
macAddress:
type: string
type: object
type: array
description:
type: string
fixedIPs:
description: Specify pairs of subnet and/or
IP address. These should be subnets of the
network with the given NetworkID.
items:
properties:
ipAddress:
type: string
subnetId:
type: string
required:
- subnetId
type: object
type: array
hostId:
description: The ID of the host where the port
is allocated
type: string
macAddress:
type: string
nameSuffix:
description: Used to make the name of the port
unique. If unspecified, instead the 0-based
index of the port in the list is used.
type: string
networkId:
description: ID of the OpenStack network on
which to create the port. If unspecified,
create the port on the default cluster network.
type: string
projectId:
type: string
securityGroups:
items:
type: string
type: array
tenantId:
type: string
vnicType:
description: The virtual network interface card
(vNIC) type that is bound to the neutron port.
type: string
type: object
type: array
providerID:
description: ProviderID is the unique identifier as
specified by the cloud provider.
type: string
rootVolume:
description: The volume metadata to boot from
properties:
deviceType:
type: string
diskSize:
type: integer
sourceType:
type: string
sourceUUID:
type: string
type: object
securityGroups:
description: The names of the security groups to assign
to the instance
items:
properties:
filter:
description: Filters used to query security
groups in openstack
properties:
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
name:
description: Security Group name
type: string
uuid:
description: Security Group UID
type: string
type: object
type: array
serverGroupID:
description: The server group to assign the machine
to
type: string
serverMetadata:
additionalProperties:
type: string
description: Metadata mapping. Allows you to create
a map of key value pairs to add to the server instance.
type: object
sshKeyName:
description: The ssh key to inject in the instance
type: string
subnet:
description: UUID, IP address of a port from this
subnet will be marked as AccessIPv4 on the created
compute instance
type: string
tags:
description: Machine tags Requires Nova api 2.52 minimum!
items:
type: string
type: array
trunk:
description: Whether the server instance is created
on a trunk port or not.
type: boolean
required:
- flavor
type: object
type: object
cloudName:
description: The name of the cloud to use from the clouds
secret
type: string
controlPlaneAvailabilityZones:
description: ControlPlaneAvailabilityZones is the az to deploy
control plane to
items:
type: string
type: array
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint
used to communicate with the control plane.
properties:
host:
description: The hostname on which the API server is serving.
type: string
port:
description: The port on which the API server is serving.
format: int32
type: integer
required:
- host
- port
type: object
disablePortSecurity:
description: DisablePortSecurity disables the port security
of the network created for the Kubernetes cluster, which
also disables SecurityGroups
type: boolean
dnsNameservers:
description: DNSNameservers is the list of nameservers for
OpenStack Subnet being created. Set this value when you
need create a new network/subnet while the access through
DNS is required.
items:
type: string
type: array
externalNetworkId:
description: ExternalNetworkID is the ID of an external OpenStack
Network. This is necessary to get public internet to the
VMs.
type: string
externalRouterIPs:
description: ExternalRouterIPs is an array of externalIPs
on the respective subnets. This is necessary if the router
needs a fixed ip in a specific subnet.
items:
properties:
fixedIP:
description: The FixedIP in the corresponding subnet
type: string
subnet:
description: The subnet in which the FixedIP is used
for the Gateway of this router
properties:
filter:
description: Filters for optional network query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network. Required if
you omit the port attribute.
type: string
type: object
required:
- subnet
type: object
type: array
identityRef:
description: IdentityRef is a reference to a identity to be
used when reconciling this cluster
properties:
kind:
description: Kind of the identity. Must be supported by
the infrastructure provider and may be either cluster
or namespace-scoped.
minLength: 1
type: string
name:
description: Name of the infrastructure identity to be
used. Must be either a cluster-scoped resource, or namespaced-scoped
resource the same namespace as the resource(s) being
provisioned.
type: string
required:
- kind
- name
type: object
managedAPIServerLoadBalancer:
description: 'ManagedAPIServerLoadBalancer defines whether
a LoadBalancer for the APIServer should be created. If set
to true the following properties are mandatory: APIServerFloatingIP,
APIServerPort'
type: boolean
managedSecurityGroups:
description: 'ManagedSecurityGroups defines that kubernetes
manages the OpenStack security groups for now, that means
that we''ll create security group allows traffic to/from
machines belonging to that group based on Calico CNI plugin
default network requirements: BGP and IP-in-IP for master
node(s) and worker node(s) respectively. In the future,
we could make this more flexible.'
type: boolean
network:
description: If NodeCIDR cannot be set this can be used to
detect an existing network.
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
nodeCidr:
description: NodeCIDR is the OpenStack Subnet to be created.
Cluster actuator will create a network, a subnet with NodeCIDR,
and a router connected to this subnet. If you leave this
empty, no network will be created.
type: string
subnet:
description: If NodeCIDR cannot be set this can be used to
detect an existing subnet.
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
tags:
description: Tags for all resources in cluster
items:
type: string
type: array
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

View File

@ -0,0 +1,752 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
name: openstackmachines.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: OpenStackMachine
listKind: OpenStackMachineList
plural: openstackmachines
shortNames:
- osm
singular: openstackmachine
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Cluster to which this OpenStackMachine belongs
jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
name: Cluster
type: string
- description: OpenStack instance state
jsonPath: .status.instanceState
name: InstanceState
type: string
- description: Machine ready status
jsonPath: .status.ready
name: Ready
type: string
- description: OpenStack instance ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: Machine object which owns with this OpenStackMachine
jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
name: Machine
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: OpenStackMachine is the Schema for the openstackmachines API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
properties:
cloudName:
description: The name of the cloud to use from the clouds secret
type: string
cloudsSecret:
description: The name of the secret containing the openstack credentials
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
configDrive:
description: Config Drive support
type: boolean
flavor:
description: The flavor reference for the flavor for your server instance.
type: string
floatingIP:
description: The floatingIP which will be associated to the machine,
only used for master. The floatingIP should have been created and
haven't been associated.
type: string
image:
description: The name of the image to use for your server instance.
If the RootVolume is specified, this will be ignored and use rootVolume
directly.
type: string
instanceID:
description: InstanceID is the OpenStack instance ID for this machine.
type: string
networks:
description: A networks object. Required parameter when there are
multiple networks defined for the tenant. When you do not specify
the networks parameter, the server attaches to the only network
created for the current tenant.
items:
properties:
filter:
description: Filters for optional network query
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
fixedIp:
description: A fixed IPv4 address for the NIC.
type: string
subnets:
description: Subnet within a network to use
items:
properties:
filter:
description: Filters for optional network query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network. Required if you
omit the port attribute.
type: string
type: object
type: array
uuid:
description: The UUID of the network. Required if you omit the
port attribute.
type: string
type: object
type: array
providerID:
description: ProviderID is the unique identifier as specified by the
cloud provider.
type: string
rootVolume:
description: The volume metadata to boot from
properties:
deviceType:
type: string
diskSize:
type: integer
sourceType:
type: string
sourceUUID:
type: string
type: object
securityGroups:
description: The names of the security groups to assign to the instance
items:
properties:
filter:
description: Filters used to query security groups in openstack
properties:
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
name:
description: Security Group name
type: string
uuid:
description: Security Group UID
type: string
type: object
type: array
serverGroupID:
description: The server group to assign the machine to
type: string
serverMetadata:
additionalProperties:
type: string
description: Metadata mapping. Allows you to create a map of key value
pairs to add to the server instance.
type: object
sshKeyName:
description: The ssh key to inject in the instance
type: string
subnet:
description: UUID, IP address of a port from this subnet will be marked
as AccessIPv4 on the created compute instance
type: string
tags:
description: Machine tags Requires Nova api 2.52 minimum!
items:
type: string
type: array
trunk:
description: Whether the server instance is created on a trunk port
or not.
type: boolean
userDataSecret:
description: The name of the secret containing the user data (startup
script in most cases)
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
required:
- flavor
type: object
status:
description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
properties:
addresses:
description: Addresses contains the OpenStack instance associated
addresses.
items:
description: NodeAddress contains information for the node's address.
properties:
address:
description: The node address.
type: string
type:
description: Node address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
errorMessage:
description: "FailureMessage will be set in the event that there is
a terminal problem reconciling the Machine and will contain a more
verbose string suitable for logging and human consumption. \n This
field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the Machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of Machines can be added as events
to the Machine object and/or logged in the controller's output."
type: string
errorReason:
description: MachineStatusError defines errors states for Machine
objects.
type: string
instanceState:
description: InstanceState is the state of the OpenStack instance
for this machine.
type: string
ready:
description: Ready is true when the provider resource is ready.
type: boolean
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- description: Cluster to which this OpenStackMachine belongs
jsonPath: .metadata.labels.cluster\.x-k8s\.io/cluster-name
name: Cluster
type: string
- description: OpenStack instance state
jsonPath: .status.instanceState
name: InstanceState
type: string
- description: Machine ready status
jsonPath: .status.ready
name: Ready
type: string
- description: OpenStack instance ID
jsonPath: .spec.providerID
name: ProviderID
type: string
- description: Machine object which owns with this OpenStackMachine
jsonPath: .metadata.ownerReferences[?(@.kind=="Machine")].name
name: Machine
type: string
name: v1alpha4
schema:
openAPIV3Schema:
description: OpenStackMachine is the Schema for the openstackmachines API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenStackMachineSpec defines the desired state of OpenStackMachine.
properties:
cloudName:
description: The name of the cloud to use from the clouds secret
type: string
configDrive:
description: Config Drive support
type: boolean
flavor:
description: The flavor reference for the flavor for your server instance.
type: string
floatingIP:
description: The floatingIP which will be associated to the machine,
only used for master. The floatingIP should have been created and
haven't been associated.
type: string
identityRef:
description: IdentityRef is a reference to a identity to be used when
reconciling this cluster
properties:
kind:
description: Kind of the identity. Must be supported by the infrastructure
provider and may be either cluster or namespace-scoped.
minLength: 1
type: string
name:
description: Name of the infrastructure identity to be used. Must
be either a cluster-scoped resource, or namespaced-scoped resource
the same namespace as the resource(s) being provisioned.
type: string
required:
- kind
- name
type: object
image:
description: The name of the image to use for your server instance.
If the RootVolume is specified, this will be ignored and use rootVolume
directly.
type: string
instanceID:
description: InstanceID is the OpenStack instance ID for this machine.
type: string
networks:
description: A networks object. Required parameter when there are
multiple networks defined for the tenant. When you do not specify
both networks and ports parameters, the server attaches to the only
network created for the current tenant.
items:
properties:
filter:
description: Filters for optional network query
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
fixedIP:
description: A fixed IPv4 address for the NIC.
type: string
subnets:
description: Subnet within a network to use
items:
properties:
filter:
description: Filters for optional network query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network. Required if you
omit the port attribute.
type: string
type: object
type: array
uuid:
description: The UUID of the network. Required if you omit the
port attribute.
type: string
type: object
type: array
ports:
description: Ports to be attached to the server instance. They are
created if a port with the given name does not already exist. When
you do not specify both networks and ports parameters, the server
attaches to the only network created for the current tenant.
items:
properties:
adminStateUp:
type: boolean
allowedAddressPairs:
items:
properties:
ipAddress:
type: string
macAddress:
type: string
type: object
type: array
description:
type: string
fixedIPs:
description: Specify pairs of subnet and/or IP address. These
should be subnets of the network with the given NetworkID.
items:
properties:
ipAddress:
type: string
subnetId:
type: string
required:
- subnetId
type: object
type: array
hostId:
description: The ID of the host where the port is allocated
type: string
macAddress:
type: string
nameSuffix:
description: Used to make the name of the port unique. If unspecified,
instead the 0-based index of the port in the list is used.
type: string
networkId:
description: ID of the OpenStack network on which to create
the port. If unspecified, create the port on the default cluster
network.
type: string
projectId:
type: string
securityGroups:
items:
type: string
type: array
tenantId:
type: string
vnicType:
description: The virtual network interface card (vNIC) type
that is bound to the neutron port.
type: string
type: object
type: array
providerID:
description: ProviderID is the unique identifier as specified by the
cloud provider.
type: string
rootVolume:
description: The volume metadata to boot from
properties:
deviceType:
type: string
diskSize:
type: integer
sourceType:
type: string
sourceUUID:
type: string
type: object
securityGroups:
description: The names of the security groups to assign to the instance
items:
properties:
filter:
description: Filters used to query security groups in openstack
properties:
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
name:
description: Security Group name
type: string
uuid:
description: Security Group UID
type: string
type: object
type: array
serverGroupID:
description: The server group to assign the machine to
type: string
serverMetadata:
additionalProperties:
type: string
description: Metadata mapping. Allows you to create a map of key value
pairs to add to the server instance.
type: object
sshKeyName:
description: The ssh key to inject in the instance
type: string
subnet:
description: UUID, IP address of a port from this subnet will be marked
as AccessIPv4 on the created compute instance
type: string
tags:
description: Machine tags Requires Nova api 2.52 minimum!
items:
type: string
type: array
trunk:
description: Whether the server instance is created on a trunk port
or not.
type: boolean
required:
- flavor
type: object
status:
description: OpenStackMachineStatus defines the observed state of OpenStackMachine.
properties:
addresses:
description: Addresses contains the OpenStack instance associated
addresses.
items:
description: NodeAddress contains information for the node's address.
properties:
address:
description: The node address.
type: string
type:
description: Node address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
errorMessage:
description: "FailureMessage will be set in the event that there is
a terminal problem reconciling the Machine and will contain a more
verbose string suitable for logging and human consumption. \n This
field should not be set for transitive errors that a controller
faces that are expected to be fixed automatically over time (like
service outages), but instead indicate that something is fundamentally
wrong with the Machine's spec or the configuration of the controller,
and that manual intervention is required. Examples of terminal errors
would be invalid combinations of settings in the spec, values that
are unsupported by the controller, or the responsible controller
itself being critically misconfigured. \n Any transient errors that
occur during the reconciliation of Machines can be added as events
to the Machine object and/or logged in the controller's output."
type: string
errorReason:
description: MachineStatusError defines errors states for Machine
objects.
type: string
instanceState:
description: InstanceState is the state of the OpenStack instance
for this machine.
type: string
ready:
description: Ready is true when the provider resource is ready.
type: boolean
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

View File

@ -0,0 +1,658 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.5.0
creationTimestamp: null
name: openstackmachinetemplates.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: OpenStackMachineTemplate
listKind: OpenStackMachineTemplateList
plural: openstackmachinetemplates
shortNames:
- osmt
singular: openstackmachinetemplate
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenStackMachineTemplateSpec defines the desired state of
OpenStackMachineTemplate.
properties:
template:
description: OpenStackMachineTemplateResource describes the data needed
to create a OpenStackMachine from a template.
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
cloudName:
description: The name of the cloud to use from the clouds
secret
type: string
cloudsSecret:
description: The name of the secret containing the openstack
credentials
properties:
name:
description: Name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: Namespace defines the space within which
the secret name must be unique.
type: string
type: object
configDrive:
description: Config Drive support
type: boolean
flavor:
description: The flavor reference for the flavor for your
server instance.
type: string
floatingIP:
description: The floatingIP which will be associated to the
machine, only used for master. The floatingIP should have
been created and haven't been associated.
type: string
image:
description: The name of the image to use for your server
instance. If the RootVolume is specified, this will be ignored
and use rootVolume directly.
type: string
instanceID:
description: InstanceID is the OpenStack instance ID for this
machine.
type: string
networks:
description: A networks object. Required parameter when there
are multiple networks defined for the tenant. When you do
not specify the networks parameter, the server attaches
to the only network created for the current tenant.
items:
properties:
filter:
description: Filters for optional network query
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
fixedIp:
description: A fixed IPv4 address for the NIC.
type: string
subnets:
description: Subnet within a network to use
items:
properties:
filter:
description: Filters for optional network query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network. Required
if you omit the port attribute.
type: string
type: object
type: array
uuid:
description: The UUID of the network. Required if you
omit the port attribute.
type: string
type: object
type: array
providerID:
description: ProviderID is the unique identifier as specified
by the cloud provider.
type: string
rootVolume:
description: The volume metadata to boot from
properties:
deviceType:
type: string
diskSize:
type: integer
sourceType:
type: string
sourceUUID:
type: string
type: object
securityGroups:
description: The names of the security groups to assign to
the instance
items:
properties:
filter:
description: Filters used to query security groups in
openstack
properties:
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
name:
description: Security Group name
type: string
uuid:
description: Security Group UID
type: string
type: object
type: array
serverGroupID:
description: The server group to assign the machine to
type: string
serverMetadata:
additionalProperties:
type: string
description: Metadata mapping. Allows you to create a map
of key value pairs to add to the server instance.
type: object
sshKeyName:
description: The ssh key to inject in the instance
type: string
subnet:
description: UUID, IP address of a port from this subnet will
be marked as AccessIPv4 on the created compute instance
type: string
tags:
description: Machine tags Requires Nova api 2.52 minimum!
items:
type: string
type: array
trunk:
description: Whether the server instance is created on a trunk
port or not.
type: boolean
userDataSecret:
description: The name of the secret containing the user data
(startup script in most cases)
properties:
name:
description: Name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: Namespace defines the space within which
the secret name must be unique.
type: string
type: object
required:
- flavor
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: false
- name: v1alpha4
schema:
openAPIV3Schema:
description: OpenStackMachineTemplate is the Schema for the openstackmachinetemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenStackMachineTemplateSpec defines the desired state of
OpenStackMachineTemplate.
properties:
template:
description: OpenStackMachineTemplateResource describes the data needed
to create a OpenStackMachine from a template.
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
cloudName:
description: The name of the cloud to use from the clouds
secret
type: string
configDrive:
description: Config Drive support
type: boolean
flavor:
description: The flavor reference for the flavor for your
server instance.
type: string
floatingIP:
description: The floatingIP which will be associated to the
machine, only used for master. The floatingIP should have
been created and haven't been associated.
type: string
identityRef:
description: IdentityRef is a reference to a identity to be
used when reconciling this cluster
properties:
kind:
description: Kind of the identity. Must be supported by
the infrastructure provider and may be either cluster
or namespace-scoped.
minLength: 1
type: string
name:
description: Name of the infrastructure identity to be
used. Must be either a cluster-scoped resource, or namespaced-scoped
resource the same namespace as the resource(s) being
provisioned.
type: string
required:
- kind
- name
type: object
image:
description: The name of the image to use for your server
instance. If the RootVolume is specified, this will be ignored
and use rootVolume directly.
type: string
instanceID:
description: InstanceID is the OpenStack instance ID for this
machine.
type: string
networks:
description: A networks object. Required parameter when there
are multiple networks defined for the tenant. When you do
not specify both networks and ports parameters, the server
attaches to the only network created for the current tenant.
items:
properties:
filter:
description: Filters for optional network query
properties:
adminStateUp:
type: boolean
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
shared:
type: boolean
sortDir:
type: string
sortKey:
type: string
status:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
fixedIP:
description: A fixed IPv4 address for the NIC.
type: string
subnets:
description: Subnet within a network to use
items:
properties:
filter:
description: Filters for optional network query
properties:
cidr:
type: string
description:
type: string
enableDhcp:
type: boolean
gateway_ip:
type: string
id:
type: string
ipVersion:
type: integer
ipv6AddressMode:
type: string
ipv6RaMode:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
networkId:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
subnetpoolId:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
uuid:
description: The UUID of the network. Required
if you omit the port attribute.
type: string
type: object
type: array
uuid:
description: The UUID of the network. Required if you
omit the port attribute.
type: string
type: object
type: array
ports:
description: Ports to be attached to the server instance.
They are created if a port with the given name does not
already exist. When you do not specify both networks and
ports parameters, the server attaches to the only network
created for the current tenant.
items:
properties:
adminStateUp:
type: boolean
allowedAddressPairs:
items:
properties:
ipAddress:
type: string
macAddress:
type: string
type: object
type: array
description:
type: string
fixedIPs:
description: Specify pairs of subnet and/or IP address.
These should be subnets of the network with the given
NetworkID.
items:
properties:
ipAddress:
type: string
subnetId:
type: string
required:
- subnetId
type: object
type: array
hostId:
description: The ID of the host where the port is allocated
type: string
macAddress:
type: string
nameSuffix:
description: Used to make the name of the port unique.
If unspecified, instead the 0-based index of the port
in the list is used.
type: string
networkId:
description: ID of the OpenStack network on which to
create the port. If unspecified, create the port on
the default cluster network.
type: string
projectId:
type: string
securityGroups:
items:
type: string
type: array
tenantId:
type: string
vnicType:
description: The virtual network interface card (vNIC)
type that is bound to the neutron port.
type: string
type: object
type: array
providerID:
description: ProviderID is the unique identifier as specified
by the cloud provider.
type: string
rootVolume:
description: The volume metadata to boot from
properties:
deviceType:
type: string
diskSize:
type: integer
sourceType:
type: string
sourceUUID:
type: string
type: object
securityGroups:
description: The names of the security groups to assign to
the instance
items:
properties:
filter:
description: Filters used to query security groups in
openstack
properties:
description:
type: string
id:
type: string
limit:
type: integer
marker:
type: string
name:
type: string
notTags:
type: string
notTagsAny:
type: string
projectId:
type: string
sortDir:
type: string
sortKey:
type: string
tags:
type: string
tagsAny:
type: string
tenantId:
type: string
type: object
name:
description: Security Group name
type: string
uuid:
description: Security Group UID
type: string
type: object
type: array
serverGroupID:
description: The server group to assign the machine to
type: string
serverMetadata:
additionalProperties:
type: string
description: Metadata mapping. Allows you to create a map
of key value pairs to add to the server instance.
type: object
sshKeyName:
description: The ssh key to inject in the instance
type: string
subnet:
description: UUID, IP address of a port from this subnet will
be marked as AccessIPv4 on the created compute instance
type: string
tags:
description: Machine tags Requires Nova api 2.52 minimum!
items:
type: string
type: array
trunk:
description: Whether the server instance is created on a trunk
port or not.
type: boolean
required:
- flavor
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

View File

@ -0,0 +1,34 @@
commonLabels:
cluster.x-k8s.io/v1alpha3: v1alpha3
cluster.x-k8s.io/v1alpha4: v1alpha4
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/
resources:
- bases/infrastructure.cluster.x-k8s.io_openstackclusters.yaml
- bases/infrastructure.cluster.x-k8s.io_openstackmachines.yaml
- bases/infrastructure.cluster.x-k8s.io_openstackmachinetemplates.yaml
- bases/infrastructure.cluster.x-k8s.io_openstackclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
- patches/webhook_in_openstackclusters.yaml
- patches/webhook_in_openstackmachines.yaml
- patches/webhook_in_openstackmachinetemplates.yaml
- patches/webhook_in_openstackclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizewebhookpatch
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
# patches here are for enabling the CA injection for each CRD
- patches/cainjection_in_openstackclusters.yaml
- patches/cainjection_in_openstackmachines.yaml
- patches/cainjection_in_openstackmachinetemplates.yaml
- patches/cainjection_in_openstackclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizecainjectionpatch
# the following config is for teaching kustomize how to do kustomization for CRDs.
configurations:
- kustomizeconfig.yaml

View File

@ -0,0 +1,17 @@
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/name
namespace:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/namespace
create: false
varReference:
- path: metadata/annotations

View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: openstackclusters.infrastructure.cluster.x-k8s.io

View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: openstackclustertemplates.infrastructure.cluster.x-k8s.io

View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: openstackmachines.infrastructure.cluster.x-k8s.io

View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: openstackmachinetemplates.infrastructure.cluster.x-k8s.io

View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: openstackclusters.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: openstackclustertemplates.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: openstackmachines.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: openstackmachinetemplates.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

View File

@ -0,0 +1,2 @@
resources:
- metadata.yaml

View File

@ -0,0 +1,11 @@
---
apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
kind: Metadata
metadata:
name: repository-metadata
labels:
airshipit.org/deploy-k8s: "false"
releaseSeries:
- major: 0
minor: 4
contract: v1alpha4

View File

@ -0,0 +1,55 @@
namespace: capo-system
namePrefix: capo-
commonLabels:
cluster.x-k8s.io/provider: "infrastructure-openstack"
resources:
- namespace.yaml
bases:
- ../rbac
- ../manager
- ../webhook
- ../certmanager
patchesStrategicMerge:
# Provide customizable hook for make targets.
- manager_image_patch.yaml
- manager_pull_policy.yaml
# Enable webhook.
- manager_webhook_patch.yaml
# Inject certificate in the webhook definition.
- webhookcainjection_patch.yaml
vars:
- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert # this name should match the one in certificate.yaml
- name: SERVICE_NAMESPACE # namespace of the service
objref:
kind: Service
version: v1
name: webhook-service
fieldref:
fieldpath: metadata.namespace
- name: SERVICE_NAME
objref:
kind: Service
version: v1
name: webhook-service
configurations:
- kustomizeconfig.yaml

View File

@ -0,0 +1,4 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
varReference:
- kind: Deployment
path: spec/template/spec/volumes/secret/secretName

View File

@ -0,0 +1,12 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
# Change the value of image field below to your controller image URL
- image: gcr.io/k8s-staging-capi-openstack/capi-openstack-controller:dev
name: manager

View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

View File

@ -0,0 +1,23 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
volumes:
- name: cert
secret:
defaultMode: 420
secretName: $(SERVICE_NAME)-cert

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: system

View File

@ -0,0 +1,13 @@
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: mutating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)

View File

@ -0,0 +1,10 @@
namePrefix: capo-
commonLabels:
cluster.x-k8s.io/provider: "infrastructure-openstack"
bases:
- crd
- default
- data
- webhook # Disable this if you're not using the webhook functionality.

View File

@ -0,0 +1,2 @@
resources:
- manager.yaml

View File

@ -0,0 +1,44 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
labels:
control-plane: capo-controller-manager
spec:
selector:
matchLabels:
control-plane: capo-controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: capo-controller-manager
spec:
containers:
- command:
- /manager
args:
- "--leader-elect"
- "--v=2"
image: controller:latest
imagePullPolicy: Always
name: manager
ports:
- containerPort: 9440
name: healthz
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: healthz
livenessProbe:
httpGet:
path: /healthz
port: healthz
terminationGracePeriodSeconds: 10
serviceAccountName: manager
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master

View File

@ -0,0 +1,8 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- role_binding.yaml
- role.yaml
- service_account.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml

View File

@ -0,0 +1,44 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete

View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: manager
namespace: system

View File

@ -0,0 +1,85 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- clusters/status
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machines
- machines/status
verbs:
- get
- list
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- openstackclusters
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- openstackclusters/status
verbs:
- get
- patch
- update
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- openstackmachines
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- openstackmachines/status
verbs:
- get
- patch
- update

View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: manager-role
subjects:
- kind: ServiceAccount
name: manager
namespace: system

View File

@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: manager
namespace: system

View File

@ -0,0 +1,8 @@
namespace: capi-webhook-system
resources:
- manifests.yaml
- service.yaml
configurations:
- kustomizeconfig.yaml

View File

@ -0,0 +1,25 @@
# the following config is for teaching kustomize where to look at when substituting vars.
# It requires kustomize v2.1.0 or newer to work properly.
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
namespace:
- kind: MutatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
varReference:
- path: metadata/annotations

View File

@ -0,0 +1,163 @@
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackcluster
failurePolicy: Fail
matchPolicy: Equivalent
name: default.openstackcluster.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackcluster
sideEffects: None
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackclustertemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: default.openstackclustertemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackclustertemplates
sideEffects: None
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackmachine
failurePolicy: Fail
matchPolicy: Equivalent
name: default.openstackmachine.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackmachines
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackcluster
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.openstackcluster.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackcluster
sideEffects: None
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackclustertemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.openstackclustertemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackclustertemplates
sideEffects: None
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackmachine
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.openstackmachine.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackmachines
sideEffects: None
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-openstackmachinetemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.openstackmachinetemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- openstackmachinetemplates
sideEffects: None

View File

@ -0,0 +1,9 @@
apiVersion: v1
kind: Service
metadata:
name: webhook-service
namespace: system
spec:
ports:
- port: 443
targetPort: webhook-server

View File

@ -63,7 +63,7 @@ images:
tag: "v0.4.1"
infrastructure-openstack/capi-openstack-controller-amd64:
repository: "gcr.io/k8s-staging-capi-openstack"
tag: "v20200707-v0.3.1"
tag: "v0.4.0"
infrastructure-openstack/kube-rbac-proxy:
repository: "gcr.io/kubebuilder"
tag: "v0.4.1"

View File

@ -1,4 +1,5 @@
apiVersion: cluster.x-k8s.io/v1alpha3
---
apiVersion: cluster.x-k8s.io/v1alpha4
kind: Cluster
metadata:
name: target-cluster
@ -10,41 +11,36 @@ spec:
- 192.168.0.0/16
serviceDomain: cluster.local
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
name: target-cluster-control-plane
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackCluster
name: target-cluster
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackCluster
metadata:
name: target-cluster
namespace: default
spec:
apiServerLoadBalancerFloatingIP: ${OPENSTACK_CONTROLPLANE_IP}
apiServerLoadBalancerPort: 6443
cloudName: devstack
cloudsSecret:
name: target-cluster-cloud-config
namespace: default
disablePortSecurity: false
disableServerTags: true
dnsNameservers:
- "${OPENSTACK_DNS_NAMESERVERS}"
externalNetworkId: "{OPENSTACK_EXTERNAL_NETWORK_ID}"
managedAPIServerLoadBalancer: true
- 8.8.8.8
identityRef:
kind: Secret
name: target-cluster-cloud-config
managedSecurityGroups: true
nodeCidr: 10.6.0.0/24
useOctavia: true
---
apiVersion: v1
data:
cacert: Cg==
clouds.yaml: Y2xvdWRzOgogIGRldnN0YWNrOgogICAgYXV0aDoKICAgICAgYXV0aF91cmw6IGh0dHA6Ly8xOTIuMTY4LjE4My4xMzUvaWRlbnRpdHkKICAgICAgcGFzc3dvcmQ6IHNlY3JldAogICAgICBwcm9qZWN0X2RvbWFpbl9pZDogZGVmYXVsdAogICAgICBwcm9qZWN0X25hbWU6IGRlbW8KICAgICAgdXNlcl9kb21haW5faWQ6IGRlZmF1bHQKICAgICAgdXNlcm5hbWU6IGRlbW8KICAgIGlkZW50aXR5X2FwaV92ZXJzaW9uOiAnMycKICAgIHJlZ2lvbl9uYW1lOiBSZWdpb25PbmUKICAgIHZvbHVtZV9hcGlfdmVyc2lvbjogJzMnCg==
kind: Secret
metadata:
labels:
clusterctl.cluster.x-k8s.io/move: "true"
name: target-cluster-cloud-config
namespace: default
data:
cacert: ${CLOUD_CERT_B64}
clouds.yaml: ${CLOUDS_YAML_B64}
namespace: default

View File

@ -1,13 +1,10 @@
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
---
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
name: target-cluster-control-plane
namespace: default
spec:
infrastructureTemplate:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
kind: OpenStackMachineTemplate
name: target-cluster-control-plane
kubeadmConfigSpec:
clusterConfiguration:
apiServer:
@ -19,7 +16,6 @@ spec:
mountPath: /etc/kubernetes/cloud.conf
name: cloud
readOnly: true
controlPlaneEndpoint: ${OPENSTACK_CONTROL_PLANE_IP}:6443
controllerManager:
extraArgs:
cloud-config: /etc/kubernetes/cloud.conf
@ -35,12 +31,12 @@ spec:
readOnly: true
imageRepository: k8s.gcr.io
files:
- content: ${CLOUD_CONF_B64}
- content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzE5Mi4xNjguMTgzLjEzNS9pZGVudGl0eQp1c2VybmFtZT0iZGVtbyIKcGFzc3dvcmQ9InNlY3JldCIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
encoding: base64
owner: root
path: /etc/kubernetes/cloud.conf
permissions: "0600"
- content: ${CLOUD_CERT_B64}
- content: Cg==
encoding: base64
owner: root
path: /etc/certs/cacert
@ -57,17 +53,15 @@ spec:
cloud-config: /etc/kubernetes/cloud.conf
cloud-provider: openstack
name: '{{ local_hostname }}'
ntp:
servers: []
users:
- name: capo
sshAuthorizedKeys:
- ${OPENSTACK_SSH_KEY}
sudo: ALL=(ALL) NOPASSWD:ALL
machineTemplate:
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
name: target-cluster-control-plane
replicas: 1
version: v1.17.3
version: v1.21.2
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
metadata:
name: target-cluster-control-plane
@ -76,8 +70,9 @@ spec:
template:
spec:
cloudName: devstack
cloudsSecret:
flavor: m1.small
identityRef:
kind: Secret
name: target-cluster-cloud-config
namespace: default
flavor: ${CONTROLPLANE_MACHINE_FLAVOR}
image: ubuntu-1910-kube-v1.17.3
sshKeyName: devstack_vm_kp

View File

@ -1,29 +1,30 @@
apiVersion: cluster.x-k8s.io/v1alpha3
---
apiVersion: cluster.x-k8s.io/v1alpha4
kind: MachineDeployment
metadata:
name: target-cluster-md-0
namespace: default
spec:
clusterName: target-cluster
replicas: 0
replicas: 3
selector:
matchLabels: {}
matchLabels: null
template:
spec:
bootstrap:
configRef:
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
name: target-cluster-md-0
clusterName: target-cluster
failureDomain: nova
infrastructureRef:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
name: target-cluster-md-0
version: v1.17.3
version: v1.21.2
---
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
metadata:
name: target-cluster-md-0
@ -32,13 +33,14 @@ spec:
template:
spec:
cloudName: devstack
cloudsSecret:
flavor: m1.small
identityRef:
kind: Secret
name: target-cluster-cloud-config
namespace: default
flavor: ${WORKER_MACHINE_FLAVOR}
image: ubuntu-1910-kube-v1.17.3
sshKeyName: devstack_vm_kp
---
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
name: target-cluster-md-0
@ -47,12 +49,12 @@ spec:
template:
spec:
files:
- content: ${CLOUD_CONF_B64}
- content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzE5Mi4xNjguMTgzLjEzNS9pZGVudGl0eQp1c2VybmFtZT0iZGVtbyIKcGFzc3dvcmQ9InNlY3JldCIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
encoding: base64
owner: root
path: /etc/kubernetes/cloud.conf
permissions: "0600"
- content: ${CLOUD_CERT_B64}
- content: Cg==
encoding: base64
owner: root
path: /etc/certs/cacert
@ -62,20 +64,4 @@ spec:
kubeletExtraArgs:
cloud-config: /etc/kubernetes/cloud.conf
cloud-provider: openstack
name: '{{ local_hostname }}'
ntp:
servers: []
users:
- name: capo
sshAuthorizedKeys:
- ${OPENSTACK_SSH_KEY}
sudo: ALL=(ALL) NOPASSWD:ALL
---
apiVersion: v1
kind: Secret
metadata:
name: target-cluster-cloud-config
namespace: default
data:
cacert: ${CLOUD_CERT_B64}
clouds.yaml: ${CLOUDS_YAML_B64}
name: '{{ local_hostname }}'

View File

@ -5,4 +5,4 @@ metadata:
namespace: default
data:
cacert: Cg==
clouds.yaml: Y2xvdWRzOgogIGRldnN0YWNrOgogICAgYXV0aDoKICAgICAgYXV0aF91cmw6IGh0dHA6Ly8xMC4wLjAuNC9pZGVudGl0eQogICAgICBwYXNzd29yZDogcGFzcwogICAgICBwcm9qZWN0X2RvbWFpbl9pZDogZGVmYXVsdAogICAgICBwcm9qZWN0X25hbWU6IGRlbW8KICAgICAgdXNlcl9kb21haW5faWQ6IGRlZmF1bHQKICAgICAgdXNlcm5hbWU6IGRlbW8KICAgIGlkZW50aXR5X2FwaV92ZXJzaW9uOiAnMycKICAgIHJlZ2lvbl9uYW1lOiBSZWdpb25PbmUKICAgIHZvbHVtZV9hcGlfdmVyc2lvbjogJzMnCg==
clouds.yaml: Y2xvdWRzOgogIGRldnN0YWNrOgogICAgYXV0aDoKICAgICAgYXV0aF91cmw6IGh0dHA6Ly8xOTIuMTY4LjE4My4xMzUvaWRlbnRpdHkKICAgICAgcGFzc3dvcmQ6IHNlY3JldAogICAgICBwcm9qZWN0X2RvbWFpbl9pZDogZGVmYXVsdAogICAgICBwcm9qZWN0X25hbWU6IGRlbW8KICAgICAgdXNlcl9kb21haW5faWQ6IGRlZmF1bHQKICAgICAgdXNlcm5hbWU6IGRlbW8KICAgIGlkZW50aXR5X2FwaV92ZXJzaW9uOiAnMycKICAgIHJlZ2lvbl9uYW1lOiBSZWdpb25PbmUKICAgIHZvbHVtZV9hcGlfdmVyc2lvbjogJzMnCg==

View File

@ -1,17 +1,17 @@
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
name: target-cluster-control-plane
namespace: default
spec:
infrastructureTemplate:
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
name: target-cluster-control-plane
kubeadmConfigSpec:
files:
- path: /etc/kubernetes/cloud.conf
content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzEwLjAuMC40L2lkZW50aXR5CnVzZXJuYW1lPSJkZW1vIgpwYXNzd29yZD0icGFzcyIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzE5Mi4xNjguMTgzLjEzNS9pZGVudGl0eQp1c2VybmFtZT0iZGVtbyIKcGFzc3dvcmQ9InNlY3JldCIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
encoding: base64
owner: root
permissions: "0600"
@ -19,4 +19,4 @@ spec:
content: Cg==
encoding: base64
owner: root
permissions: "0600"
permissions: "0600"

View File

@ -1,3 +1,3 @@
[
{ "op": "replace","path": "/spec/apiServerLoadBalancerFloatingIP","value": "172.24.4.120" }
{ "op": "replace","path": "/spec/apiServerLoadBalancerFloatingIP","value": "172.24.4.236" }
]

View File

@ -1,4 +1,4 @@
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
name: target-cluster-control-plane
@ -6,4 +6,4 @@ metadata:
spec:
kubeadmConfigSpec:
clusterConfiguration:
controlPlaneEndpoint: 172.24.4.120:6443
controlPlaneEndpoint: 172.24.4.236:6443

View File

@ -1,7 +1,7 @@
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
name: target-cluster-control-plane
namespace: default
spec:
replicas: 1
replicas: 1

View File

@ -1,4 +1,4 @@
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
metadata:
name: target-cluster-control-plane

View File

@ -1,3 +1,3 @@
[
{ "op": "replace","path": "/spec/externalNetworkId","value": "4e9b967f-1aec-41a5-ad1b-9805af62ebdd" }
{ "op": "replace","path": "/spec/externalNetworkId","value": "47ef87ff-0506-4d0e-a6f8-e05f23531bb8" }
]

View File

@ -7,21 +7,21 @@ patchesJson6902:
- target:
group: infrastructure.cluster.x-k8s.io
version: v1alpha3
version: v1alpha4
kind: OpenStackCluster
name: "target-cluster"
path: control_plane_ip.json
- target:
group: infrastructure.cluster.x-k8s.io
version: v1alpha3
version: v1alpha4
kind: OpenStackCluster
name: "target-cluster"
path: dns_servers.json
- target:
group: infrastructure.cluster.x-k8s.io
version: v1alpha3
version: v1alpha4
kind: OpenStackCluster
name: "target-cluster"
path: external_network_id.json
@ -32,4 +32,4 @@ patchesStrategicMerge:
- control_plane_config_patch.yaml
- ssh_key_patch.yaml
- control_plane_machine_count_patch.yaml
- control_plane_machine_flavor_patch.yaml
- control_plane_machine_flavor_patch.yaml

View File

@ -1,4 +1,4 @@
apiVersion: controlplane.cluster.x-k8s.io/v1alpha3
apiVersion: controlplane.cluster.x-k8s.io/v1alpha4
kind: KubeadmControlPlane
metadata:
name: target-cluster-control-plane
@ -8,4 +8,4 @@ spec:
users:
- name: capo
sshAuthorizedKeys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCV+B0gfF/728wO9XOZbEpxuCP2rhZu0CIic2+O6M9d/t2weLCDl0rdOlssnVzsS5C04OQvm6IDy94xHG8ob2N2G/LGz7/jgCiysHjdQ1Yg6F16hx1rnRFeS2lLDc7PhGco8hAPbY/oN5Q0biutJRSnI5zLNhN1phXRap0ptaI8g3B3t07lxtJGPich2npyGt+ie7QwEzxoPMR81AnmCiqtRC7n2bf5p7CqMxMGHzhg30+BSOx81VlT30SKnExbXrHqV6372+kUvGw/NrUcJEQJNb/QDgAX51BBfTqYyxqZ3RDsBCRdE9IX51BgT6GJnsNjgo6h5CEIdAUNBM1MT23hpzpOTZPbSTdKsc5NHfbKKP6dlPcGYstHvtaVkvZ5x6bQr7dk9qiRs6ujuHybpE95OaH23Pg9PSbTxmZ8GZMMIzg1fToSNstaZe82crd+oY66icUgR7jvOwj7qulOklnkwLTaRUdRtbL4kYORxajLDVAuwF0qEtdGU3Pyb2NXoDs= stack@devstack
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGEBBZxXQt2DN/8Cf9p0YmlOoOqZY9F+S2JrlOw7TT6uodpHDH0uUxwdFlrYwIqFaitXXFQkcnVXrOoyXkGINlmIQ3DPt56AULQ5wfSNJ35ndOg9ETxlXsclYGCXiddLPhwNwUL0EO9Dcc3TB1lmpwSfdxxR+fTOswuITGzMArs+IUulXO14KmUWc/95ttcJJqU4XeTgjwF891q/m/nTBLT/W1zivXDZTe30moNiEZsrNUakcfeTnh99OQZBz22e7g8YzSDvAYVsVMQQVVmCuK/JaEUknRqVOBVfi58r96Alzc+Nb388UVFy6vAB4FeSbNs45h19lKZYajgOgsDAeBXd5VzpNcMS6C7H/OsLFptK3fJbeFUau85iiB4nXeAnyvGNlyN7RSDUKqeUKQq25j7fQe4MmWr+qoVL3mdNZqo1+Hkbs5PyzlPPzmEllquFo9bI744yFfyyS5Hj8LK8fqA2lQ6rjZ8kjgfJNkfXA+LMO4ipJfJTlAJquI9YvKaGC/IS/pt3/5nhQIAtNIId3WdNk9J8fevmEkC5QYXbhlFstB6CJxq7TTDMjzrXCS8YGtXYk494jQ6vBQnf9GPwB8EEsIFFu0HOM6LIgfliAJPgCO5nRzmM1tZ4AfQFfUjA/UK6nvMYXhy0WKGgLNTFDO8j1t9i8U7GmBh/58m7Mk+w== devstack@devstack-vm

View File

@ -0,0 +1,22 @@
apiVersion: airshipit.org/v1alpha1
kind: ClusterMap
metadata:
labels:
airshipit.org/deploy-k8s: "false"
name: main-map
map:
target-cluster:
parent: ephemeral-cluster
kubeconfigSources:
- type: "filesystem"
filesystem:
path: ~/.airship/kubeconfig
contextName: target-cluster
- type: "bundle"
bundle:
contextName: target-cluster
- type: "clusterAPI"
clusterAPI:
clusterNamespacedName:
name: target-cluster
namespace: default

View File

@ -0,0 +1,7 @@
apiVersion: airshipit.org/v1alpha1
kind: Clusterctl
metadata:
name: clusterctl_move
move-options:
namespace: default
action: move

View File

@ -1,7 +1,7 @@
[{
"op": "replace",
"path": "/init-options/infrastructure-providers",
"value": ["openstack:v0.3.1"]
"value": "openstack:v0.4.0"
},
{
"op": "replace",
@ -9,10 +9,7 @@
"value": {
"name": "openstack",
"type": "InfrastructureProvider",
"variable-substitution": true,
"versions": {
"v0.3.1": "airshipctl/manifests/function/capo/v0.3.1"
"url": "airshipctl/manifests/function/capo/v0.4.0"
}
}
}
]

View File

@ -1,7 +1,10 @@
resources:
- ../../../phases
- ../../../type/gating/phases
- ../../../function/airshipctl-base-catalogues
- plan.yaml
patchesStrategicMerge:
- plan_patch.yaml
- cluster_map_patch.yaml
- executor_patch.yaml
patchesJson6902:
- target:
group: airshipit.org

View File

@ -1,11 +0,0 @@
apiVersion: airshipit.org/v1alpha1
kind: PhasePlan
metadata:
name: phasePlan
phases:
- name: clusterctl-init-ephemeral
- name: controlplane-ephemeral
- name: initinfra-target
- name: clusterctl-init-target
- name: clusterctl-move
- name: workers-target

View File

@ -0,0 +1,24 @@
apiVersion: airshipit.org/v1alpha1
kind: PhasePlan
metadata:
name: deploy-gating
phases:
- name: clusterctl-init-ephemeral
- name: controlplane-ephemeral
- name: initinfra-target
- name: clusterctl-init-target
- name: clusterctl-move
- name: workers-target
validation:
kindsToSkip:
- Clusterctl
- VariableCatalogue
crdList:
- airshipctl/manifests/function/airshipctl-schemas
- airshipctl/manifests/function/cert-manager/v1.1.0/upstream
---
apiVersion: airshipit.org/v1alpha1
kind: PhasePlan
metadata:
name: iso
$patch: delete

View File

@ -9,4 +9,3 @@ commonLabels:
transformers:
- ../../../../composite/infra/replacements

View File

@ -5,4 +5,4 @@ metadata:
namespace: default
data:
cacert: Cg==
clouds.yaml: Y2xvdWRzOgogIGRldnN0YWNrOgogICAgYXV0aDoKICAgICAgYXV0aF91cmw6IGh0dHA6Ly8xMC4wLjAuNC9pZGVudGl0eQogICAgICBwYXNzd29yZDogcGFzcwogICAgICBwcm9qZWN0X2RvbWFpbl9pZDogZGVmYXVsdAogICAgICBwcm9qZWN0X25hbWU6IGRlbW8KICAgICAgdXNlcl9kb21haW5faWQ6IGRlZmF1bHQKICAgICAgdXNlcm5hbWU6IGRlbW8KICAgIGlkZW50aXR5X2FwaV92ZXJzaW9uOiAnMycKICAgIHJlZ2lvbl9uYW1lOiBSZWdpb25PbmUKICAgIHZvbHVtZV9hcGlfdmVyc2lvbjogJzMnCg==
clouds.yaml: Y2xvdWRzOgogIGRldnN0YWNrOgogICAgYXV0aDoKICAgICAgYXV0aF91cmw6IGh0dHA6Ly8xOTIuMTY4LjE4My4xMzUvaWRlbnRpdHkKICAgICAgcGFzc3dvcmQ6IHNlY3JldAogICAgICBwcm9qZWN0X2RvbWFpbl9pZDogZGVmYXVsdAogICAgICBwcm9qZWN0X25hbWU6IGRlbW8KICAgICAgdXNlcl9kb21haW5faWQ6IGRlZmF1bHQKICAgICAgdXNlcm5hbWU6IGRlbW8KICAgIGlkZW50aXR5X2FwaV92ZXJzaW9uOiAnMycKICAgIHJlZ2lvbl9uYW1lOiBSZWdpb25PbmUKICAgIHZvbHVtZV9hcGlfdmVyc2lvbjogJzMnCg==

View File

@ -1,4 +1,4 @@
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
name: target-cluster-md-0
@ -7,7 +7,7 @@ spec:
template:
spec:
files:
- content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzEwLjAuMC40L2lkZW50aXR5CnVzZXJuYW1lPSJkZW1vIgpwYXNzd29yZD0icGFzcyIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
- content: W0dsb2JhbF0KYXV0aC11cmw9aHR0cDovLzE5Mi4xNjguMTgzLjEzNS9pZGVudGl0eQp1c2VybmFtZT0iZGVtbyIKcGFzc3dvcmQ9InNlY3JldCIKdGVuYW50LW5hbWU9ImRlbW8iCmRvbWFpbi1pZD0iZGVmYXVsdCIKcmVnaW9uPSJSZWdpb25PbmUiCg==
encoding: base64
owner: root
path: /etc/kubernetes/cloud.conf

View File

@ -1,4 +1,4 @@
apiVersion: cluster.x-k8s.io/v1alpha3
apiVersion: cluster.x-k8s.io/v1alpha4
kind: MachineDeployment
metadata:
name: target-cluster-md-0

View File

@ -1,4 +1,4 @@
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
apiVersion: infrastructure.cluster.x-k8s.io/v1alpha4
kind: OpenStackMachineTemplate
metadata:
name: target-cluster-md-0
@ -6,4 +6,4 @@ metadata:
spec:
template:
spec:
flavor: m1.small
flavor: m1.small

View File

@ -1,4 +1,4 @@
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
apiVersion: bootstrap.cluster.x-k8s.io/v1alpha4
kind: KubeadmConfigTemplate
metadata:
name: target-cluster-md-0
@ -9,4 +9,4 @@ spec:
users:
- name: capo
sshAuthorizedKeys:
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCV+B0gfF/728wO9XOZbEpxuCP2rhZu0CIic2+O6M9d/t2weLCDl0rdOlssnVzsS5C04OQvm6IDy94xHG8ob2N2G/LGz7/jgCiysHjdQ1Yg6F16hx1rnRFeS2lLDc7PhGco8hAPbY/oN5Q0biutJRSnI5zLNhN1phXRap0ptaI8g3B3t07lxtJGPich2npyGt+ie7QwEzxoPMR81AnmCiqtRC7n2bf5p7CqMxMGHzhg30+BSOx81VlT30SKnExbXrHqV6372+kUvGw/NrUcJEQJNb/QDgAX51BBfTqYyxqZ3RDsBCRdE9IX51BgT6GJnsNjgo6h5CEIdAUNBM1MT23hpzpOTZPbSTdKsc5NHfbKKP6dlPcGYstHvtaVkvZ5x6bQr7dk9qiRs6ujuHybpE95OaH23Pg9PSbTxmZ8GZMMIzg1fToSNstaZe82crd+oY66icUgR7jvOwj7qulOklnkwLTaRUdRtbL4kYORxajLDVAuwF0qEtdGU3Pyb2NXoDs= stack@devstack
- ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDGEBBZxXQt2DN/8Cf9p0YmlOoOqZY9F+S2JrlOw7TT6uodpHDH0uUxwdFlrYwIqFaitXXFQkcnVXrOoyXkGINlmIQ3DPt56AULQ5wfSNJ35ndOg9ETxlXsclYGCXiddLPhwNwUL0EO9Dcc3TB1lmpwSfdxxR+fTOswuITGzMArs+IUulXO14KmUWc/95ttcJJqU4XeTgjwF891q/m/nTBLT/W1zivXDZTe30moNiEZsrNUakcfeTnh99OQZBz22e7g8YzSDvAYVsVMQQVVmCuK/JaEUknRqVOBVfi58r96Alzc+Nb388UVFy6vAB4FeSbNs45h19lKZYajgOgsDAeBXd5VzpNcMS6C7H/OsLFptK3fJbeFUau85iiB4nXeAnyvGNlyN7RSDUKqeUKQq25j7fQe4MmWr+qoVL3mdNZqo1+Hkbs5PyzlPPzmEllquFo9bI744yFfyyS5Hj8LK8fqA2lQ6rjZ8kjgfJNkfXA+LMO4ipJfJTlAJquI9YvKaGC/IS/pt3/5nhQIAtNIId3WdNk9J8fevmEkC5QYXbhlFstB6CJxq7TTDMjzrXCS8YGtXYk494jQ6vBQnf9GPwB8EEsIFFu0HOM6LIgfliAJPgCO5nRzmM1tZ4AfQFfUjA/UK6nvMYXhy0WKGgLNTFDO8j1t9i8U7GmBh/58m7Mk+w== devstack@devstack-vm