airship/airshipctl
Code Issues Proposed changes

CAPD v0.4.2 manifests

Browse Source 
* The current PS adds manifests files to update CAPD components
to 0.4.2 version

Change-Id: Ie57201a901277eed122052f0a1c75ed21fa77e54
This commit is contained in:
Snehal 2021-09-29 10:54:20 +00:00
parent db16837902
commit 47041eda24
44 changed files with 2513 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
manifests/function/capd/v0.4.2/certmanager/certificate.yaml Normal file
View File

@ -0,0 +1,24 @@
# The following manifests contain a self-signed issuer CR and a certificate CR.
# More document can be found at https://docs.cert-manager.io
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-issuer
namespace: system
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

8
manifests/function/capd/v0.4.2/certmanager/kustomization.yaml Normal file
View File

@ -0,0 +1,8 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- certificate.yaml
configurations:
- kustomizeconfig.yaml

19
manifests/function/capd/v0.4.2/certmanager/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,19 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name
varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
- kind: Certificate
group: cert-manager.io
path: spec/secretName

380
manifests/function/capd/v0.4.2/crd/bases/exp.infrastructure.cluster.x-k8s.io_dockermachinepools.yaml Normal file
View File

@ -0,0 +1,380 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.2
creationTimestamp: null
name: dockermachinepools.exp.infrastructure.cluster.x-k8s.io
spec:
group: exp.infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: DockerMachinePool
listKind: DockerMachinePoolList
plural: dockermachinepools
singular: dockermachinepool
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: DockerMachinePool is the Schema for the dockermachinepools API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachinePoolSpec defines the desired state of DockerMachinePool.
properties:
providerID:
description: ProviderID is the identification ID of the Machine Pool
type: string
providerIDList:
description: ProviderIDList is the list of identification IDs of machine
instances managed by this Machine Pool
items:
type: string
type: array
template:
description: Template contains the details used to build a replica
machine within the Machine Pool
properties:
customImage:
description: CustomImage allows customizing the container image
that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for
the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the
hostpath is a symbolic link, runtimes should follow the
symlink and mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly
created machine. This can be used to speed up tests by avoiding
e.g. to download CNI images on all the containers.
items:
type: string
type: array
type: object
type: object
status:
description: DockerMachinePoolStatus defines the observed state of DockerMachinePool.
properties:
conditions:
description: Conditions defines current service state of the DockerMachinePool.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
instances:
description: Instances contains the status for each instance in the
pool
items:
properties:
addresses:
description: Addresses contains the associated addresses for
the docker machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
instanceName:
description: InstanceName is the identification of the Machine
Instance within the Machine Pool
type: string
providerID:
description: ProviderID is the provider identification of the
Machine Pool Instance
type: string
ready:
description: Ready denotes that the machine (docker container)
is ready
type: boolean
version:
description: Version defines the Kubernetes version for the
Machine Instance
type: string
type: object
type: array
observedGeneration:
description: The generation observed by the deployment controller.
format: int64
type: integer
ready:
description: Ready denotes that the machine pool is ready
type: boolean
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerMachinePool is the Schema for the dockermachinepools API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachinePoolSpec defines the desired state of DockerMachinePool.
properties:
providerID:
description: ProviderID is the identification ID of the Machine Pool
type: string
providerIDList:
description: ProviderIDList is the list of identification IDs of machine
instances managed by this Machine Pool
items:
type: string
type: array
template:
description: Template contains the details used to build a replica
machine within the Machine Pool
properties:
customImage:
description: CustomImage allows customizing the container image
that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for
the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the
hostpath is a symbolic link, runtimes should follow the
symlink and mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly
created machine. This can be used to speed up tests by avoiding
e.g. to download CNI images on all the containers.
items:
type: string
type: array
type: object
type: object
status:
description: DockerMachinePoolStatus defines the observed state of DockerMachinePool.
properties:
conditions:
description: Conditions defines current service state of the DockerMachinePool.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
instances:
description: Instances contains the status for each instance in the
pool
items:
properties:
addresses:
description: Addresses contains the associated addresses for
the docker machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
instanceName:
description: InstanceName is the identification of the Machine
Instance within the Machine Pool
type: string
providerID:
description: ProviderID is the provider identification of the
Machine Pool Instance
type: string
ready:
description: Ready denotes that the machine (docker container)
is ready
type: boolean
version:
description: Version defines the Kubernetes version for the
Machine Instance
type: string
type: object
type: array
observedGeneration:
description: The generation observed by the deployment controller.
format: int64
type: integer
ready:
description: Ready denotes that the machine pool is ready
type: boolean
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

315
manifests/function/capd/v0.4.2/crd/bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml Normal file
View File

@ -0,0 +1,315 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.2
creationTimestamp: null
name: dockerclusters.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: DockerCluster
listKind: DockerClusterList
plural: dockerclusters
singular: dockercluster
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: DockerCluster is the Schema for the dockerclusters API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerClusterSpec defines the desired state of DockerCluster.
properties:
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint used to
communicate with the control plane.
properties:
host:
description: Host is the hostname on which the API server is serving.
type: string
port:
description: Port is the port on which the API server is serving.
type: integer
required:
- host
- port
type: object
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster API failure
domains. It allows controllers to understand how many failure
domains a cluster can optionally span across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes an
infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure domain
is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains are not usulaly defined on the spec. The
docker provider is special since failure domains don't mean anything
in a local docker environment. Instead, the docker cluster controller
will simply copy these into the Status and allow the Cluster API
controllers to do what they will with the defined failure domains.
type: object
type: object
status:
description: DockerClusterStatus defines the observed state of DockerCluster.
properties:
conditions:
description: Conditions defines current service state of the DockerCluster.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster API failure
domains. It allows controllers to understand how many failure
domains a cluster can optionally span across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes an
infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure domain
is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains don't mean much in CAPD since it's all
local, but we can see how the rest of cluster API will use this
if we populate it.
type: object
ready:
description: Ready denotes that the docker cluster (infrastructure)
is ready.
type: boolean
required:
- ready
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerCluster is the Schema for the dockerclusters API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerClusterSpec defines the desired state of DockerCluster.
properties:
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint used to
communicate with the control plane.
properties:
host:
description: Host is the hostname on which the API server is serving.
type: string
port:
description: Port is the port on which the API server is serving.
type: integer
required:
- host
- port
type: object
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster API failure
domains. It allows controllers to understand how many failure
domains a cluster can optionally span across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes an
infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure domain
is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains are not usulaly defined on the spec. The
docker provider is special since failure domains don't mean anything
in a local docker environment. Instead, the docker cluster controller
will simply copy these into the Status and allow the Cluster API
controllers to do what they will with the defined failure domains.
type: object
loadBalancer:
description: LoadBalancer allows defining configurations for the cluster
load balancer.
properties:
imageRepository:
description: ImageRepository sets the container registry to pull
the haproxy image from. if not set, "kindest" will be used instead.
type: string
imageTag:
description: ImageTag allows to specify a tag for the haproxy
image. if not set, "v20210715-a6da3463" will be used instead.
type: string
type: object
type: object
status:
description: DockerClusterStatus defines the observed state of DockerCluster.
properties:
conditions:
description: Conditions defines current service state of the DockerCluster.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster API failure
domains. It allows controllers to understand how many failure
domains a cluster can optionally span across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes an
infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure domain
is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains don't mean much in CAPD since it's all
local, but we can see how the rest of cluster API will use this
if we populate it.
type: object
ready:
description: Ready denotes that the docker cluster (infrastructure)
is ready.
type: boolean
required:
- ready
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

118
manifests/function/capd/v0.4.2/crd/bases/infrastructure.cluster.x-k8s.io_dockerclustertemplates.yaml Normal file
View File

@ -0,0 +1,118 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.2
creationTimestamp: null
name: dockerclustertemplates.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
kind: DockerClusterTemplate
listKind: DockerClusterTemplateList
plural: dockerclustertemplates
singular: dockerclustertemplate
scope: Namespaced
versions:
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerClusterTemplate is the Schema for the dockerclustertemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerClusterTemplateSpec defines the desired state of DockerClusterTemplate.
properties:
template:
description: DockerClusterTemplateResource describes the data needed
to create a DockerCluster from a template.
properties:
spec:
description: DockerClusterSpec defines the desired state of DockerCluster.
properties:
controlPlaneEndpoint:
description: ControlPlaneEndpoint represents the endpoint
used to communicate with the control plane.
properties:
host:
description: Host is the hostname on which the API server
is serving.
type: string
port:
description: Port is the port on which the API server
is serving.
type: integer
required:
- host
- port
type: object
failureDomains:
additionalProperties:
description: FailureDomainSpec is the Schema for Cluster
API failure domains. It allows controllers to understand
how many failure domains a cluster can optionally span
across.
properties:
attributes:
additionalProperties:
type: string
description: Attributes is a free form map of attributes
an infrastructure provider might use or require.
type: object
controlPlane:
description: ControlPlane determines if this failure
domain is suitable for use by control plane machines.
type: boolean
type: object
description: FailureDomains are not usulaly defined on the
spec. The docker provider is special since failure domains
don't mean anything in a local docker environment. Instead,
the docker cluster controller will simply copy these into
the Status and allow the Cluster API controllers to do what
they will with the defined failure domains.
type: object
loadBalancer:
description: LoadBalancer allows defining configurations for
the cluster load balancer.
properties:
imageRepository:
description: ImageRepository sets the container registry
to pull the haproxy image from. if not set, "kindest"
will be used instead.
type: string
imageTag:
description: ImageTag allows to specify a tag for the
haproxy image. if not set, "v20210715-a6da3463" will
be used instead.
type: string
type: object
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

380
manifests/function/capd/v0.4.2/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml Normal file
View File

@ -0,0 +1,380 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.0-beta.0
creationTimestamp: null
name: dockermachinepools.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: DockerMachinePool
listKind: DockerMachinePoolList
plural: dockermachinepools
singular: dockermachinepool
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: DockerMachinePool is the Schema for the dockermachinepools API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachinePoolSpec defines the desired state of DockerMachinePool.
properties:
providerID:
description: ProviderID is the identification ID of the Machine Pool
type: string
providerIDList:
description: ProviderIDList is the list of identification IDs of machine
instances managed by this Machine Pool
items:
type: string
type: array
template:
description: Template contains the details used to build a replica
machine within the Machine Pool
properties:
customImage:
description: CustomImage allows customizing the container image
that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for
the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the
hostpath is a symbolic link, runtimes should follow the
symlink and mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly
created machine. This can be used to speed up tests by avoiding
e.g. to download CNI images on all the containers.
items:
type: string
type: array
type: object
type: object
status:
description: DockerMachinePoolStatus defines the observed state of DockerMachinePool.
properties:
conditions:
description: Conditions defines current service state of the DockerMachinePool.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
instances:
description: Instances contains the status for each instance in the
pool
items:
properties:
addresses:
description: Addresses contains the associated addresses for
the docker machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
instanceName:
description: InstanceName is the identification of the Machine
Instance within the Machine Pool
type: string
providerID:
description: ProviderID is the provider identification of the
Machine Pool Instance
type: string
ready:
description: Ready denotes that the machine (docker container)
is ready
type: boolean
version:
description: Version defines the Kubernetes version for the
Machine Instance
type: string
type: object
type: array
observedGeneration:
description: The generation observed by the deployment controller.
format: int64
type: integer
ready:
description: Ready denotes that the machine pool is ready
type: boolean
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerMachinePool is the Schema for the dockermachinepools API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachinePoolSpec defines the desired state of DockerMachinePool.
properties:
providerID:
description: ProviderID is the identification ID of the Machine Pool
type: string
providerIDList:
description: ProviderIDList is the list of identification IDs of machine
instances managed by this Machine Pool
items:
type: string
type: array
template:
description: Template contains the details used to build a replica
machine within the Machine Pool
properties:
customImage:
description: CustomImage allows customizing the container image
that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for
the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the
hostpath is a symbolic link, runtimes should follow the
symlink and mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly
created machine. This can be used to speed up tests by avoiding
e.g. to download CNI images on all the containers.
items:
type: string
type: array
type: object
type: object
status:
description: DockerMachinePoolStatus defines the observed state of DockerMachinePool.
properties:
conditions:
description: Conditions defines current service state of the DockerMachinePool.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
instances:
description: Instances contains the status for each instance in the
pool
items:
properties:
addresses:
description: Addresses contains the associated addresses for
the docker machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
instanceName:
description: InstanceName is the identification of the Machine
Instance within the Machine Pool
type: string
providerID:
description: ProviderID is the provider identification of the
Machine Pool Instance
type: string
ready:
description: Ready denotes that the machine (docker container)
is ready
type: boolean
version:
description: Version defines the Kubernetes version for the
Machine Instance
type: string
type: object
type: array
observedGeneration:
description: The generation observed by the deployment controller.
format: int64
type: integer
ready:
description: Ready denotes that the machine pool is ready
type: boolean
replicas:
description: Replicas is the most recently observed number of replicas.
format: int32
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

308
manifests/function/capd/v0.4.2/crd/bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml Normal file
View File

@ -0,0 +1,308 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.2
creationTimestamp: null
name: dockermachines.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: DockerMachine
listKind: DockerMachineList
plural: dockermachines
singular: dockermachine
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: DockerMachine is the Schema for the dockermachines API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachineSpec defines the desired state of DockerMachine.
properties:
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping has
been run against this machine
type: boolean
customImage:
description: CustomImage allows customizing the container image that
is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for the
node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the hostpath
is a symbolic link, runtimes should follow the symlink and
mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly created
machine. This can be used to speed up tests by avoiding e.g. to
download CNI images on all the containers.
items:
type: string
type: array
providerID:
description: ProviderID will be the container name in ProviderID format
(docker:////<containername>)
type: string
type: object
status:
description: DockerMachineStatus defines the observed state of DockerMachine.
properties:
addresses:
description: Addresses contains the associated addresses for the docker
machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
conditions:
description: Conditions defines current service state of the DockerMachine.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
loadBalancerConfigured:
description: LoadBalancerConfigured denotes that the machine has been
added to the load balancer
type: boolean
ready:
description: Ready denotes that the machine (docker container) is
ready
type: boolean
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerMachine is the Schema for the dockermachines API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachineSpec defines the desired state of DockerMachine.
properties:
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping has
been run against this machine
type: boolean
customImage:
description: CustomImage allows customizing the container image that
is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points for the
node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into a container.
This is a simplified version of kind v1alpha4.Mount types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error. If the hostpath
is a symbolic link, runtimes should follow the symlink and
mount the real destination to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a newly created
machine. This can be used to speed up tests by avoiding e.g. to
download CNI images on all the containers.
items:
type: string
type: array
providerID:
description: ProviderID will be the container name in ProviderID format
(docker:////<containername>)
type: string
type: object
status:
description: DockerMachineStatus defines the observed state of DockerMachine.
properties:
addresses:
description: Addresses contains the associated addresses for the docker
machine.
items:
description: MachineAddress contains information for the node's
address.
properties:
address:
description: The machine address.
type: string
type:
description: Machine address type, one of Hostname, ExternalIP
or InternalIP.
type: string
required:
- address
- type
type: object
type: array
conditions:
description: Conditions defines current service state of the DockerMachine.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
loadBalancerConfigured:
description: LoadBalancerConfigured denotes that the machine has been
added to the load balancer
type: boolean
ready:
description: Ready denotes that the machine (docker container) is
ready
type: boolean
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

188
manifests/function/capd/v0.4.2/crd/bases/infrastructure.cluster.x-k8s.io_dockermachinetemplates.yaml Normal file
View File

@ -0,0 +1,188 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.2
creationTimestamp: null
name: dockermachinetemplates.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: DockerMachineTemplate
listKind: DockerMachineTemplateList
plural: dockermachinetemplates
singular: dockermachinetemplate
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: DockerMachineTemplate is the Schema for the dockermachinetemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate.
properties:
template:
description: DockerMachineTemplateResource describes the data needed
to create a DockerMachine from a template.
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
customImage:
description: CustomImage allows customizing the container
image that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points
for the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into
a container. This is a simplified version of kind v1alpha4.Mount
types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error.
If the hostpath is a symbolic link, runtimes should
follow the symlink and mount the real destination
to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a
newly created machine. This can be used to speed up tests
by avoiding e.g. to download CNI images on all the containers.
items:
type: string
type: array
providerID:
description: ProviderID will be the container name in ProviderID
format (docker:////<containername>)
type: string
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: false
- name: v1alpha4
schema:
openAPIV3Schema:
description: DockerMachineTemplate is the Schema for the dockermachinetemplates
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DockerMachineTemplateSpec defines the desired state of DockerMachineTemplate.
properties:
template:
description: DockerMachineTemplateResource describes the data needed
to create a DockerMachine from a template.
properties:
spec:
description: Spec is the specification of the desired behavior
of the machine.
properties:
bootstrapped:
description: Bootstrapped is true when the kubeadm bootstrapping
has been run against this machine
type: boolean
customImage:
description: CustomImage allows customizing the container
image that is used for running the machine
type: string
extraMounts:
description: ExtraMounts describes additional mount points
for the node container These may be used to bind a hostPath
items:
description: Mount specifies a host volume to mount into
a container. This is a simplified version of kind v1alpha4.Mount
types.
properties:
containerPath:
description: Path of the mount within the container.
type: string
hostPath:
description: Path of the mount on the host. If the hostPath
doesn't exist, then runtimes should report error.
If the hostpath is a symbolic link, runtimes should
follow the symlink and mount the real destination
to container.
type: string
readOnly:
description: If set, the mount is read-only.
type: boolean
type: object
type: array
preLoadImages:
description: PreLoadImages allows to pre-load images in a
newly created machine. This can be used to speed up tests
by avoiding e.g. to download CNI images on all the containers.
items:
type: string
type: array
providerID:
description: ProviderID will be the container name in ProviderID
format (docker:////<containername>)
type: string
type: object
required:
- spec
type: object
required:
- template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

34
manifests/function/capd/v0.4.2/crd/kustomization.yaml Normal file
View File

@ -0,0 +1,34 @@
commonLabels:
cluster.x-k8s.io/v1alpha3: v1alpha3
cluster.x-k8s.io/v1alpha4: v1alpha4
# This kustomization.yaml is not intended to be run by itself,
# since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- bases/infrastructure.cluster.x-k8s.io_dockermachines.yaml
- bases/infrastructure.cluster.x-k8s.io_dockerclusters.yaml
- bases/infrastructure.cluster.x-k8s.io_dockermachinetemplates.yaml
- bases/infrastructure.cluster.x-k8s.io_dockermachinepools.yaml
- bases/infrastructure.cluster.x-k8s.io_dockerclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge:
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
# patches here are for enabling the conversion webhook for each CRD
#- patches/webhook_in_dockermachines.yaml
- patches/webhook_in_dockerclusters.yaml
- patches/webhook_in_dockerclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizewebhookpatch
# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
# patches here are for enabling the CA injection for each CRD
#- patches/cainjection_in_dockermachines.yaml
- patches/cainjection_in_dockerclusters.yaml
- patches/cainjection_in_dockerclustertemplates.yaml
# +kubebuilder:scaffold:crdkustomizecainjectionpatch
# the following config is for teaching kustomize how to do kustomization for CRDs.
configurations:
- kustomizeconfig.yaml

17
manifests/function/capd/v0.4.2/crd/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,17 @@
# This file is for teaching kustomize how to substitute name and namespace reference in CRD
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/name
namespace:
- kind: CustomResourceDefinition
group: apiextensions.k8s.io
path: spec/conversion/webhook/clientConfig/service/namespace
create: false
varReference:
- path: metadata/annotations

8
manifests/function/capd/v0.4.2/crd/patches/cainjection_in_dockerclusters.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: dockerclusters.infrastructure.cluster.x-k8s.io

8
manifests/function/capd/v0.4.2/crd/patches/cainjection_in_dockerclustertemplates.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: dockerclustertemplates.infrastructure.cluster.x-k8s.io

8
manifests/function/capd/v0.4.2/crd/patches/cainjection_in_dockermachinepools.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: dockermachinepools.exp.infrastructure.cluster.x-k8s.io

8
manifests/function/capd/v0.4.2/crd/patches/cainjection_in_dockermachines.yaml Normal file
View File

@ -0,0 +1,8 @@
# The following patch adds a directive for certmanager to inject CA into the CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: dockermachines.infrastructure.cluster.x-k8s.io

19
manifests/function/capd/v0.4.2/crd/patches/webhook_in_dockerclusters.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: dockerclusters.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capd/v0.4.2/crd/patches/webhook_in_dockerclustertemplates.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: dockerclustertemplates.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capd/v0.4.2/crd/patches/webhook_in_dockermachinepools.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: dockermachinepools.exp.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

19
manifests/function/capd/v0.4.2/crd/patches/webhook_in_dockermachines.yaml Normal file
View File

@ -0,0 +1,19 @@
# The following patch enables conversion webhook for CRD
# CRD conversion requires k8s 1.13 or later.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: dockermachines.infrastructure.cluster.x-k8s.io
spec:
conversion:
strategy: Webhook
webhook:
conversionReviewVersions: ["v1", "v1beta1"]
clientConfig:
# this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank,
# but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager)
caBundle: Cg==
service:
namespace: system
name: webhook-service
path: /convert

2
manifests/function/capd/v0.4.2/data/kustomization.yaml Normal file
View File

@ -0,0 +1,2 @@
resources:
- metadata.yaml

13
manifests/function/capd/v0.4.2/data/metadata.yaml Normal file
View File

@ -0,0 +1,13 @@
---
apiVersion: clusterctl.cluster.x-k8s.io/v1alpha3
kind: Metadata
metadata:
name: repository-metadata
labels:
airshipit.org/deploy-k8s: "false"
releaseSeries:
- major: 0
minor: 4
contract: v1alpha4

9
manifests/function/capd/v0.4.2/default/kustomization.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: capd-system
resources:
- namespace.yaml
bases:
- ../rbac

6
manifests/function/capd/v0.4.2/default/namespace.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: system

11
manifests/function/capd/v0.4.2/kustomization.yaml Normal file
View File

@ -0,0 +1,11 @@
namePrefix: capd-
commonLabels:
cluster.x-k8s.io/provider: "infrastructure-docker"
resources:
- crd
- default
- data
- webhook

9
manifests/function/capd/v0.4.2/manager/kustomization.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- manager.yaml
patchesStrategicMerge:
- manager_image_patch.yaml
- manager_auth_proxy_patch.yaml

50
manifests/function/capd/v0.4.2/manager/manager.yaml Normal file
View File

@ -0,0 +1,50 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
spec:
selector:
matchLabels:
control-plane: controller-manager
replicas: 1
template:
metadata:
labels:
control-plane: controller-manager
spec:
containers:
- args:
- "--leader-elect"
- "--metrics-bind-addr=localhost:8080"
- "--feature-gates=MachinePool=${EXP_MACHINE_POOL:=false},ClusterTopology=${CLUSTER_TOPOLOGY:=false}"
image: controller:latest
name: manager
ports:
- containerPort: 9440
name: healthz
protocol: TCP
readinessProbe:
httpGet:
path: /readyz
port: healthz
livenessProbe:
httpGet:
path: /healthz
port: healthz
volumeMounts:
- mountPath: /var/run/docker.sock
name: dockersock
securityContext:
privileged: true
terminationGracePeriodSeconds: 10
serviceAccountName: manager
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
volumes:
- name: dockersock
hostPath:
path: /var/run/docker.sock

26
manifests/function/capd/v0.4.2/manager/manager_auth_proxy_patch.yaml Normal file
View File

@ -0,0 +1,26 @@
# This patch inject a sidecar container which is a HTTP proxy for the controller manager,
# it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: kube-rbac-proxy
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
ports:
- containerPort: 8443
name: https
- name: manager
args:
- "--feature-gates=MachinePool=${EXP_MACHINE_POOL:=false}"
- "-v=4"

12
manifests/function/capd/v0.4.2/manager/manager_image_patch.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
# Change the value of image field below to your controller image URL
- image: gcr.io/k8s-staging-cluster-api/capd-manager:master
name: manager

11
manifests/function/capd/v0.4.2/manager/manager_pull_policy.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
imagePullPolicy: Always

13
manifests/function/capd/v0.4.2/rbac/auth_proxy_role.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: proxy-role
rules:
- apiGroups: ["authentication.k8s.io"]
resources:
- tokenreviews
verbs: ["create"]
- apiGroups: ["authorization.k8s.io"]
resources:
- subjectaccessreviews
verbs: ["create"]

12
manifests/function/capd/v0.4.2/rbac/auth_proxy_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: default
namespace: system

18
manifests/function/capd/v0.4.2/rbac/auth_proxy_service.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
annotations:
prometheus.io/port: "8443"
prometheus.io/scheme: https
prometheus.io/scrape: "true"
labels:
control-plane: controller-manager
name: controller-manager-metrics-service
namespace: system
spec:
ports:
- name: https
port: 8443
targetPort: https
selector:
control-plane: controller-manager

12
manifests/function/capd/v0.4.2/rbac/kustomization.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- role.yaml
- role_binding.yaml
- service_account.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
- auth_proxy_service.yaml
- auth_proxy_role.yaml
- auth_proxy_role_binding.yaml

44
manifests/function/capd/v0.4.2/rbac/leader_election_role.yaml Normal file
View File

@ -0,0 +1,44 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: leader-election-role
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- apiGroups:
- "coordination.k8s.io"
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete

12
manifests/function/capd/v0.4.2/rbac/leader_election_role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: leader-election-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: leader-election-role
subjects:
- kind: ServiceAccount
name: manager
namespace: system

97
manifests/function/capd/v0.4.2/rbac/role.yaml Normal file
View File

@ -0,0 +1,97 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: manager-role
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- clusters
- machines
verbs:
- get
- list
- watch
- apiGroups:
- cluster.x-k8s.io
resources:
- machinepools
- machinepools/status
verbs:
- get
- list
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockerclusters
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockerclusters/finalizers
- dockerclusters/status
verbs:
- get
- patch
- update
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockermachinepools
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockermachinepools/finalizers
- dockermachinepools/status
verbs:
- get
- patch
- update
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockermachines
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- infrastructure.cluster.x-k8s.io
resources:
- dockermachines/finalizers
- dockermachines/status
verbs:
- get
- patch
- update

12
manifests/function/capd/v0.4.2/rbac/role_binding.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: manager-role
subjects:
- kind: ServiceAccount
name: manager
namespace: system

5
manifests/function/capd/v0.4.2/rbac/service_account.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: manager
namespace: system

44
manifests/function/capd/v0.4.2/webhook/kustomization.yaml Normal file
View File

@ -0,0 +1,44 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: capd-system
resources:
- manifests.yaml
- service.yaml
- ../certmanager
- ../manager
patchesStrategicMerge:
- manager_webhook_patch.yaml
- webhookcainjection_patch.yaml
configurations:
- kustomizeconfig.yaml
vars:
- name: SERVICE_NAMESPACE # namespace of the service
objref:
kind: Service
version: v1
name: webhook-service
fieldref:
fieldpath: metadata.namespace
- name: SERVICE_NAME
objref:
kind: Service
version: v1
name: webhook-service
- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert # this name should match the one in certificate.yaml
fieldref:
fieldpath: metadata.namespace
- name: CERTIFICATE_NAME
objref:
kind: Certificate
group: cert-manager.io
version: v1
name: serving-cert

22
manifests/function/capd/v0.4.2/webhook/kustomizeconfig.yaml Normal file
View File

@ -0,0 +1,22 @@
# the following config is for teaching kustomize where to look at when substituting vars.
# It requires kustomize v2.1.0 or newer to work properly.
nameReference:
- kind: Service
version: v1
fieldSpecs:
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/name
namespace:
- kind: ValidatingWebhookConfiguration
group: admissionregistration.k8s.io
path: webhooks/clientConfig/service/namespace
create: true
varReference:
- path: metadata/annotations
- path: metadata/annotations
- kind: Deployment
path: spec/template/spec/volumes/secret/secretName

23
manifests/function/capd/v0.4.2/webhook/manager_webhook_patch.yaml Normal file
View File

@ -0,0 +1,23 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
spec:
template:
spec:
containers:
- name: manager
ports:
- containerPort: 9443
name: webhook-server
protocol: TCP
volumeMounts:
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
volumes:
- name: cert
secret:
secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize

126
manifests/function/capd/v0.4.2/webhook/manifests.yaml Normal file
View File

@ -0,0 +1,126 @@
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha4-dockercluster
failurePolicy: Fail
matchPolicy: Equivalent
name: default.dockercluster.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- dockerclusters
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /mutate-infrastructure-cluster-x-k8s-io-v1alpha4-dockerclustertemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: default.dockerclustertemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- dockerclustertemplates
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-dockercluster
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.dockercluster.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- dockerclusters
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-dockerclustertemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.dockerclustertemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- dockerclustertemplates
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: webhook-service
namespace: system
path: /validate-infrastructure-cluster-x-k8s-io-v1alpha4-dockermachinetemplate
failurePolicy: Fail
matchPolicy: Equivalent
name: validation.dockermachinetemplate.infrastructure.cluster.x-k8s.io
rules:
- apiGroups:
- infrastructure.cluster.x-k8s.io
apiVersions:
- v1alpha4
operations:
- CREATE
- UPDATE
resources:
- dockermachinetemplates
sideEffects: None

10
manifests/function/capd/v0.4.2/webhook/service.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: Service
metadata:
name: webhook-service
namespace: system
spec:
ports:
- port: 443
targetPort: webhook-server

15
manifests/function/capd/v0.4.2/webhook/webhookcainjection_patch.yaml Normal file
View File

@ -0,0 +1,15 @@
# This patch add annotation to admission webhook config and
# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: mutating-webhook-configuration
annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)